There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause integer overflow and some process abnormal.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service connections.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal.
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS.
There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect availability.
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks.Affected product versions include:CV81-WDM FW versions 01.70.49.29.46.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.
There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service.
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.