Vulnerabilities in Huawei

1,367 results

Vexday analysis

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2023-52544MEDIUMVulnerability of file path verification being bypassed in the email module. Impact: Successful exploitation of this vulnerability may affectEPSS 0.3%CVE-2024-58256MEDIUMEnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.EPSS 0.3%CVE-2023-44119—Vulnerability of mutual exclusion management in the kernel module.Successful exploitation of this vulnerability will affect availability.EPSS 0.3%CVE-2023-52099HIGHVulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect EPSS 0.3%CVE-2024-58113MEDIUMVulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affeEPSS 0.3%CVE-2022-48507—Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect servicEPSS 0.3%CVE-2024-54097HIGHSecurity vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and inteEPSS 0.3%CVE-2024-58111HIGHException capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerabiliEPSS 0.3%CVE-2024-58112HIGHException capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerabiliEPSS 0.3%CVE-2023-52542MEDIUMPermission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.EPSS 0.3%CVE-2021-40044—There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorizeEPSS 0.3%CVE-2024-27895HIGHVulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.EPSS 0.3%CVE-2023-41296—Vulnerability of missing authorization in the kernel module. Successful exploitation of this vulnerability may affect integrity and confidenEPSS 0.3%CVE-2023-52373HIGHVulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthEPSS 0.3%CVE-2023-4566HIGHVulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect serEPSS 0.3%CVE-2022-48515—Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentialitEPSS 0.3%CVE-2023-52107HIGHVulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect serviceEPSS 0.3%CVE-2023-52379HIGHPermission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.3%CVE-2023-52374HIGHPermission control vulnerability in the package management module.Successful exploitation of this vulnerability may affect service confidentEPSS 0.3%CVE-2023-52539HIGHPermission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.3%

← previouspage 36 / 69next →