Vulnerabilidades em Huawei

1.367 resultados
Análise Vexday

Com 1.362 CVEs catalogadas, o portfólio de vulnerabilidades da Huawei apresenta volume expressivo, embora a taxa de exploração ativa esteja abaixo da média geral do catálogo, com nenhuma entrada confirmada no CISA KEV. O tipo de falha mais frequente é CWE-125 (leitura fora dos limites de buffer), padrão que tende a viabilizar vazamento de informações ou condições de instabilidade em equipamentos de rede e sistemas embarcados. A CVE de maior pontuação EPSS no momento é CVE-2019-5285, com índice de 0,0166 — valor baixo em termos absolutos, mas que ainda merece atenção em ambientes onde o ativo afetado esteja exposto. A ausência de PoCs públicas conhecidas reduz a superfície de exploração imediata, mas os 57 registros de severidade crítica e as 47 CVEs surgidas nos últimos 90 dias indicam que a gestão contínua de patches permanece necessária.

CVE-2025-54636MEDIUMIssue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of thEPSS 0.1%CVE-2025-58301MEDIUMBuffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58300MEDIUMBuffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58277MEDIUMPermission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.1%CVE-2025-58302HIGHPermission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiEPSS 0.1%CVE-2025-54634HIGHVulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability mEPSS 0.1%CVE-2026-41963LOWStack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-68968HIGHDouble free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input functioEPSS 0.1%CVE-2025-48908MEDIUMAbility Auto Startup service vulnerability in the foundation process Impact: Successful exploitation of this vulnerability may affect availaEPSS 0.1%CVE-2025-53177LOWPermission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the scheduleEPSS 0.1%CVE-2025-58285MEDIUMPermission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality.EPSS 0.1%CVE-2026-28544MEDIUMRace condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58289MEDIUMVulnerability of improper exception handling in the print module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58298HIGHData processing error vulnerability in the package management module. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-53178MEDIUMPermission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the scheduleEPSS 0.1%CVE-2026-41971MEDIUMPermission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service coEPSS 0.1%CVE-2026-28540MEDIUMOut-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiEPSS 0.1%CVE-2025-68966MEDIUMPermission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.1%CVE-2026-24925HIGHHeap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability.EPSS 0.1%CVE-2025-58288MEDIUMDenial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.EPSS 0.1%