Vulnerabilidades en Huawei

1367 resultados
Análisis Vexday

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2025-68970MEDIUMPermission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect sEPSS 0.1%CVE-2026-41984MEDIUMUAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity.EPSS 0.1%CVE-2025-68965MEDIUMPermission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.1%CVE-2026-28545MEDIUMRace condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-41961MEDIUMPermission control vulnerability in contacts. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-41962LOWPermission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect EPSS 0.1%CVE-2025-66325MEDIUMPermission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service EPSS 0.1%CVE-2026-34866MEDIUMOut-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerability will affect availability and confiEPSS 0.1%CVE-2026-34859MEDIUMUAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.EPSS 0.1%CVE-2025-66324HIGHInput verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affeEPSS 0.1%CVE-2025-64315MEDIUMConfiguration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data EPSS 0.1%CVE-2025-66330MEDIUMApp lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect servEPSS 0.1%CVE-2025-64311MEDIUMPermission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.1%CVE-2026-34864MEDIUMBoundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availabiliEPSS 0.1%CVE-2026-41977MEDIUMDoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-41979MEDIUMPermission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confideEPSS 0.1%CVE-2026-41964HIGHPermission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-34849LOWUAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2026-41978MEDIUMPermission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentialiEPSS 0.1%CVE-2025-54655HIGHRace condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentialityEPSS 0.1%