Vulnerabilities in Huawei

1,367 results
Vexday analysis

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2026-41975MEDIUMPermission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect serviEPSS 0.1%CVE-2025-66323MEDIUMVulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2026-24930HIGHUAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-54625MEDIUMRace condition vulnerability in the kernel file system module. Impact: Successful exploitation of this vulnerability may affect availabilityEPSS 0.1%CVE-2026-28538MEDIUMPath traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availabiEPSS 0.1%CVE-2026-34862MEDIUMRace condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect avEPSS 0.1%CVE-2026-34861MEDIUMRace condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availabilityEPSS 0.1%CVE-2025-58313MEDIUMRace condition vulnerability in the device standby module. Impact: Successful exploitation of this vulnerability may cause feature exceptionEPSS 0.1%CVE-2025-68962MEDIUMMulti-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect aEPSS 0.1%CVE-2025-58316HIGHDoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-54651MEDIUMRace condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.1%CVE-2025-58279MEDIUMPermission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.1%CVE-2026-28549MEDIUMRace condition vulnerability in the permission management service. Impact: Successful exploitation of this vulnerability may affect availabiEPSS 0.1%CVE-2025-64313MEDIUMDenial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-68969MEDIUMMulti-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affectEPSS 0.1%CVE-2026-28551MEDIUMRace condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2025-66328HIGHMulti-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affectEPSS 0.1%CVE-2025-66326MEDIUMRace condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-28539MEDIUMData processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect serviceEPSS 0.1%CVE-2025-66327HIGHRace condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentialityEPSS 0.1%