Vulnerabilidades em Huawei

1.367 resultados
Análise Vexday

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2024-58114MEDIUMResource allocation control failure vulnerability in the ArkUI framework Impact: Successful exploitation of this vulnerability may affect avEPSS 0.1%CVE-2024-45448MEDIUMPage table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may aEPSS 0.1%CVE-2026-34854MEDIUMUAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.EPSS 0.1%CVE-2025-58280HIGHVulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect avaiEPSS 0.1%CVE-2025-31171MEDIUMFile read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect EPSS 0.1%CVE-2024-45447MEDIUMAccess control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confideEPSS 0.1%CVE-2025-54615MEDIUMVulnerability of insufficient information protection in the media library module. Impact: Successful exploitation of this vulnerability may EPSS 0.1%CVE-2025-27521MEDIUMVulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affecEPSS 0.1%CVE-2024-58044HIGHPermission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect avaEPSS 0.1%CVE-2025-54639MEDIUMParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control EPSS 0.1%CVE-2025-54606HIGHStatus verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability EPSS 0.1%CVE-2024-58047MEDIUMPermission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service cEPSS 0.1%CVE-2025-54640MEDIUMParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control EPSS 0.1%CVE-2024-58049MEDIUMPermission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service cEPSS 0.1%CVE-2025-54611HIGHEXTRA_REFERRER resource read vulnerability in the Gallery module. Impact: Successful exploitation of this vulnerability may affect service cEPSS 0.1%CVE-2025-49599MEDIUMHuawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow tEPSS 0.1%CVE-2026-41969MEDIUMPermission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidenEPSS 0.1%CVE-2023-52972MEDIUMHuawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks . Successful exploitation this vulnerabilitEPSS 0.1%CVE-2025-68956HIGHMulti-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect avaEPSS 0.1%CVE-2025-54646MEDIUMVulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performaEPSS 0.1%