Huawei Security Vulnerabilities (CVEs)

This CVE describes an out-of-bounds write vulnerability in a kernel driver module that could allow attackers to cause process exceptions or potentiall...

This CVE describes a missing encryption vulnerability in Huawei's card management module that could allow unauthorized access to sensitive card data. ...

This CVE describes an out-of-bounds vulnerability in the sensor module of Huawei/HarmonyOS devices that could allow attackers to cause mistouch preven...

A use-after-free vulnerability (CWE-416) in the idmap module of Huawei HarmonyOS and EMUI systems allows attackers to cause abnormal feature behavior ...

This CVE describes a type confusion vulnerability in Huawei's distributed file module that could allow attackers to cause denial of service through de...

This CVE describes a mutual exclusion management vulnerability in a kernel module that could allow attackers to cause denial-of-service conditions. Th...

This CVE describes a Use-After-Free vulnerability in the surfaceflinger module of Huawei/HarmonyOS devices. Successful exploitation can cause system c...

This CVE describes a broadcast permission control vulnerability in Bluetooth modules that could allow unauthorized access to Bluetooth services. Succe...

This CVE describes an out-of-bounds read vulnerability in Huawei's Bluetooth module that could allow attackers to read sensitive information from memo...

This CVE describes a vulnerability in Huawei device authentication modules that allows brute-force attacks. Attackers can repeatedly attempt authentic...

This vulnerability in Huawei's security module fails to verify package names' public keys, allowing attackers to potentially install malicious package...

This vulnerability allows attackers to perform brute-force attacks against device authentication modules, potentially compromising service confidentia...

This vulnerability allows 5G SMS messages to be sent without encryption in VPN environments, potentially exposing message contents to interception. It...

CVE-2023-41307 is a memory overwriting vulnerability in Huawei/HarmonyOS security modules that could allow attackers to corrupt memory and cause syste...

A permission control vulnerability in Huawei's MediaPlaybackController module allows attackers to bypass intended restrictions, potentially disrupting...

This CVE describes an unauthorized API access vulnerability in Huawei's PMS (Package Management Service) module that allows attackers to bypass intend...

This CVE describes a command injection vulnerability in the distributed file system module of HarmonyOS. Attackers can exploit this to execute arbitra...

CVE-2023-41293 is a data security classification vulnerability in Huawei's DDMP module that could allow unauthorized access to sensitive information. ...

This CVE describes a permission control vulnerability in the window module of Huawei/HarmonyOS devices that could allow unauthorized access to sensiti...

This CVE describes a buffer overflow vulnerability (CWE-120) in Huawei's PMS module that allows denial-of-service attacks. Successful exploitation cau...

This vulnerability in Huawei/HarmonyOS window management APIs allows attackers to cause denial of service through improper input validation. Exploitat...

This vulnerability involves insufficient input validation in certain window management APIs, allowing attackers to trigger device restarts through cra...

This vulnerability allows API privilege escalation in Huawei/HarmonyOS wifienhance modules, enabling attackers to modify ARP tables without proper aut...

CVE-2023-39397 is a NULL pointer dereference vulnerability in Huawei/HarmonyOS communication systems where improper input validation allows attackers ...

This vulnerability involves insecure signature verification in Huawei's ServiceWifiResources module, allowing attackers to maliciously modify and over...

This CVE describes an input verification vulnerability in the audio module of Huawei devices running HarmonyOS. Successful exploitation could cause vi...

CVE-2023-39384 is an incomplete permission verification vulnerability in Huawei/HarmonyOS input method modules that could allow unauthorized access to...

This vulnerability in Huawei's PMS module allows attackers to exploit improper input validation, potentially causing denial of service by making the h...

This CVE describes a permission control vulnerability in Huawei audio modules that allows unauthorized access to audio device functions. Successful ex...

This CVE describes an inappropriate authorization vulnerability in Huawei HarmonyOS system apps that could allow unauthorized access to system functio...

This CVE-2022-48514 vulnerability in the Sepolicy module allows inappropriate permission control on Netlink usage, potentially enabling unauthorized a...

This vulnerability in Huawei's DSoftBus module allows third-party apps to obtain unique values, potentially exposing sensitive information. It affects...

CVE-2022-48519 is an unauthorized access vulnerability in Huawei's SystemUI module that allows attackers to bypass intended access restrictions. This ...

This vulnerability involves improper exception handling in Huawei's communication framework, allowing attackers to trigger abnormal behavior in affect...

This vulnerability in Huawei's communication framework module allows attackers to cause denial-of-service conditions by exploiting incomplete input pa...