Vulnerabilidades en Huawei

1367 resultados
Análisis Vexday

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2025-48902MEDIUMVulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may aEPSS 0.1%CVE-2025-54626MEDIUMPointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this vulnerability may affect function stability.EPSS 0.1%CVE-2025-58294MEDIUMPermission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentialiEPSS 0.1%CVE-2025-54645MEDIUMOut-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of thEPSS 0.1%CVE-2026-28546MEDIUMBuffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58310HIGHPermission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confEPSS 0.1%CVE-2026-41968MEDIUMPermission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect avEPSS 0.1%CVE-2025-58293MEDIUMVulnerability of improper exception handling in the print module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58314MEDIUMVulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect EPSS 0.1%CVE-2025-58309MEDIUMPermission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availabilEPSS 0.1%CVE-2026-41976MEDIUMPermission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiEPSS 0.1%CVE-2024-58045HIGHMulti-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may aEPSS 0.1%CVE-2026-28550MEDIUMRace condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-24921MEDIUMAddress read vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiaEPSS 0.1%CVE-2026-41973MEDIUMPermission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-34863MEDIUMOut-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-41967MEDIUMPermission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect avEPSS 0.1%CVE-2025-58315MEDIUMPermission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentialiEPSS 0.1%CVE-2024-58048MEDIUMMulti-thread problem vulnerability in the package management module Impact: Successful exploitation of this vulnerability may affect availabEPSS 0.1%CVE-2026-28542HIGHPermission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availabiliEPSS 0.1%