Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products.
Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID: HWPSIRT-2019-02004)
Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled.
USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products.
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.
Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.
Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability.
There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability.
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect availability.
Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
Use After Free (UAF) vulnerability in the underlying driver module. Impact: Successful exploitation of this vulnerability will affect availability.
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability.
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of this vulnerability may cause the printer service to be abnormal.
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.