Vulnerabilidades en Huawei

1367 resultados
Análisis Vexday

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2026-24914MEDIUMType confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2023-52711HIGHVarious Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put EPSS 0.1%CVE-2020-1826Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a moduleEPSS 0.1%CVE-2024-51520MEDIUMVulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2024-51517MEDIUMVulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availabEPSS 0.1%CVE-2026-41966MEDIUMPermission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confEPSS 0.1%CVE-2024-39672HIGHMemory request logic vulnerability in the memory module. Impact: Successful exploitation of this vulnerability will affect integrity and avaEPSS 0.1%CVE-2023-7265MEDIUMPermission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availabilitEPSS 0.1%CVE-2023-52720MEDIUMRace condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability.EPSS 0.1%CVE-2024-45449MEDIUMAccess permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affectEPSS 0.1%CVE-2024-51525MEDIUMPermission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiEPSS 0.1%CVE-2024-51530MEDIUMLaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.EPSS 0.1%CVE-2024-54101MEDIUMDenial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availabilEPSS 0.1%CVE-2024-42034MEDIUMLaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentialityEPSS 0.1%CVE-2024-5464MEDIUMVulnerability of insufficient permission verification in the NearLink module Impact: Successful exploitation of this vulnerability may affecEPSS 0.1%CVE-2025-54653HIGHPath traversal vulnerability in the virtualization file module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2025-54652HIGHPath traversal vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%CVE-2024-36501MEDIUMMemory management vulnerability in the boottime module Impact: Successful exploitation of this vulnerability can affect integrity.EPSS 0.1%CVE-2024-8298MEDIUMMemory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidEPSS 0.1%CVE-2026-24923MEDIUMPermission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentialityEPSS 0.1%