Vulnerabilities in Huawei

1,367 results
Vexday analysis

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2026-41960MEDIUMPermission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-54638MEDIUMIssue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availaEPSS 0.1%CVE-2025-58281HIGHOut-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect availabEPSS 0.1%CVE-2025-54613MEDIUMIterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stabEPSS 0.1%CVE-2025-54612MEDIUMIterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stabEPSS 0.1%CVE-2025-58305MEDIUMIdentity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service coEPSS 0.1%CVE-2025-54637MEDIUMOut-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation oEPSS 0.1%CVE-2025-46585HIGHOut-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availabilEPSS 0.1%CVE-2026-34867MEDIUMDouble free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-54621MEDIUMIterator failure issue in the WantAgent module. Impact: Successful exploitation of this vulnerability may cause memory release failures.EPSS 0.1%CVE-2025-68960HIGHMulti-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect avEPSS 0.1%CVE-2025-58299HIGHUse After Free (UAF) vulnerability in the storage management module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2024-54122MEDIUMConcurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availabilityEPSS 0.1%CVE-2025-54619MEDIUMIterator failure issue in the multi-mode input module. Impact: Successful exploitation of this vulnerability may cause iterator failures andEPSS 0.1%CVE-2026-41980MEDIUMPermission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidEPSS 0.1%CVE-2025-58283MEDIUMPermission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality.EPSS 0.1%CVE-2025-53185MEDIUMVirtual address reuse issue in the memory management module, which can be exploited by non-privileged users to access released memory ImpactEPSS 0.1%CVE-2026-28541MEDIUMPermission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2024-51515MEDIUMRace condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-46589MEDIUMVulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and EPSS 0.1%