Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-22402

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-28 Oct, 2021 | 12:21
Updated At-03 Aug, 2024 | 18:44
Rejected At-
Credits

There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:28 Oct, 2021 | 12:21
Updated At:03 Aug, 2024 | 18:44
Rejected At:
▼CVE Numbering Authority (CNA)

There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
EMUI
Versions
Affected
  • 11.0.0
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
Magic UI
Versions
Affected
  • 4.0.0
Problem Types
TypeCWE IDDescription
textN/AUncaught Exception
Type: text
CWE ID: N/A
Description: Uncaught Exception
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://consumer.huawei.com/en/support/bulletin/2021/7/
x_refsource_MISC
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2021/7/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://consumer.huawei.com/en/support/bulletin/2021/7/
x_refsource_MISC
x_transferred
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2021/7/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:28 Oct, 2021 | 13:15
Updated At:09 Dec, 2021 | 17:57

There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>emui>>11.0.0
cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>magic_ui>>4.0.0
cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://consumer.huawei.com/en/support/bulletin/2021/7/psirt@huawei.com
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2021/7/
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

425Records found
CVE-2022-41582
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.81%
||
7 Day CHG~0.00%
Published-14 Oct, 2022 | 00:00
Updated-14 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-15
External Control of System or Configuration Setting
CVE-2016-8782
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 33.16%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 21:00
Updated-06 Aug, 2024 | 02:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-cloudengine_12800cloudengine_12800_firmwareCloudEngine 12800
CWE ID-CWE-399
Not Available
CVE-2016-8797
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.72%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow remote attackers to send abnormal Multiprotocol Label Switching (MPLS) packets to cause memory exhaustion.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar3200s12700s6300s7700_firmwares12700_firmwares5700s6300_firmwares7700ar3200_firmwares6700_firmwares5700_firmwares9700_firmwares6700s9700s5300_firmwares9300_firmwares9300s5300AR3200,S12700,S5300,S5700,S6300,S6700,S7700,S9300,S9700 AR3200 V200R007C00, V200R005C32, V200R005C20,S12700 V200R008C00, V200R007C00,S5300 V200R008C00, V200R007C00, V200R006C00,S5700 V200R008C00, V200R007C00, V200R006C00,S6300 V200R008C00, V200R007C00,S6700 V200R008C00, V200R007C00,S7700 V200R008C00, V200R007C00, V200R006C00,S9300 V200R008C00, V200R007C00, V200R006C00,S9700 V200R008C00, V200R007C00, V200R006C00,
CVE-2016-6518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.55%
||
7 Day CHG~0.00%
Published-26 Sep, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Huawei S9300, S5300, S5700, S6700, S7700, S9700, and S12700 devices allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of malformed packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5300s6300s7700_firmwares9700s5700_firmwares5300_firmwares6700s6700_firmwares9300_firmwares6300_firmwares5700s12700s7700s12700_firmwares9700_firmwares9300n/a
CVE-2022-39005
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.82%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:56
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2022-38996
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:57
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CVE-2022-38987
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:55
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOSEMUI
CVE-2022-38990
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:55
Updated-03 Aug, 2024 | 11:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOSEMUI
CVE-2022-37007
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:10
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-37008
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.18%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:10
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2022-37006
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 29.10%
||
7 Day CHG+0.02%
Published-09 Aug, 2022 | 20:11
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOS;EMUI
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-37004
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:10
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CVE-2022-37001
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:10
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CVE-2022-34735
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:52
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-34736
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:52
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-34743
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:53
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46789
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-13 May, 2022 | 15:03
Updated-04 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CVE-2021-46884
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.37%
||
7 Day CHG~0.00%
Published-26 May, 2023 | 00:00
Updated-16 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-46814
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.44%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 14:54
Updated-04 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46813
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.28%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 15:06
Updated-04 Aug, 2024 | 05:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
CVE-2021-46881
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.37%
||
7 Day CHG~0.00%
Published-26 May, 2023 | 00:00
Updated-16 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-46886
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 25.37%
||
7 Day CHG~0.00%
Published-26 May, 2023 | 00:00
Updated-16 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-31754
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 15:06
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2015-8672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 44.97%
||
7 Day CHG~0.00%
Published-12 Jan, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-te30te50te40te60te60_firmwaren/a
CVE-2015-8087
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.22% / 44.50%
||
7 Day CHG~0.00%
Published-19 Nov, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability."

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ne40e-m2ne_router_softwarene40e-mne20e-sne40ene80en/a
CVE-2022-31753
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 15:06
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2015-7845
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.22% / 44.50%
||
7 Day CHG~0.00%
Published-19 Nov, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-espace_firmwareespace_unified_gateway_u1980espace_unified_gateway_u1960espace_unified_gateway_u1930espace_unified_gateway_u1910espace_unified_gateway_u1981espace_unified_gateway_u1911n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-40056
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.96%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:50
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-40062
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.96%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:49
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-39973
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-39999
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.71%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:56
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ese620x_vess_firmwareese620x_vesseSE620X vESS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-40058
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.79%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 13:49
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-39987
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2021-39977
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.16%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-22 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-40001
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 39.58%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-7266
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.67%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 07:00
Updated-13 Jan, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ws7206-10ws7200-10tc7001-10tc7001-10_firmwarews7200-10_firmwarews7206-10_firmwareTC7001-10WS7206-10WS7200-10
CWE ID-CWE-420
Unprotected Alternate Channel
CVE-2021-37043
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.36%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:02
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS
CWE ID-CWE-287
Improper Authentication
CVE-2021-36993
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:26
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-37076
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37007
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:21
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37066
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-29795
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.20%
||
7 Day CHG~0.00%
Published-13 May, 2022 | 15:05
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37090
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.98%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:06
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37129
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 00:41
Updated-04 Aug, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s9700ips_moduleusg9500_firmwares1700_firmwares2700ips_module_firmwares7700_firmwarengfw_module_firmwares7700usg9500s1700nip6600s12700s5700_firmwares6700_firmwarengfw_modules12700_firmwares9700_firmwarenip6600_firmwares5700s6700s2700_firmwareIIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37027
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.14%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:11
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2021-37072
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Incorrect Calculation of Buffer Size vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-415
Double Free
CVE-2021-37004
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:25
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37083
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.16%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a NULL Pointer Dereference vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Denial of Service Attacks.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37111
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIEMUIHarmony OS
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-37018
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.88%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:24
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Data Processing Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 8
  • 9
  • Next
Details not found