Vulnerabilities
CVE-2020-9081
LOWThere is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081.
CVE-2020-9080
HIGHThere is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080.
CVE-2023-7300
HIGHHuawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.(Vulnerability ID:HWPSIRT-2023-60613)
CVE-2022-34159
HIGHHuawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-34159.
CVE-2022-32204
HIGHThere is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204.
CVE-2022-32203
CRITICALThere is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.
CVE-2022-32144
HIGHThere is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32144.
CVE-2020-9250
LOWThere is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.
CVE-2024-54122
MEDIUMConcurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-54119
MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54117
MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54116
MEDIUMOut-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54115
MEDIUMOut-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54114
MEDIUMOut-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54113
MEDIUMProcess residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.
CVE-2024-54112
MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54111
MEDIUMRead/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54110
MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54109
MEDIUMRead/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54108
MEDIUMRead/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54107
HIGHRead/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54106
HIGHNull pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54105
MEDIUMRead/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54104
MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54103
MEDIUMVulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54102
MEDIUMRace condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54101
MEDIUMDenial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54100
MEDIUMVulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54099
MEDIUMFile replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-54098
HIGHService logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2024-54097
HIGHSecurity vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
CVE-2024-54096
MEDIUMVulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
CVE-2024-51530
MEDIUMLaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51529
MEDIUMData verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2024-51528
MEDIUMVulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51527
MEDIUMPermission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51526
HIGHPermission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51525
MEDIUMPermission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51524
MEDIUMPermission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51523
HIGHInformation management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51522
MEDIUMVulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51521
MEDIUMInput parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51520
MEDIUMVulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51519
MEDIUMVulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51518
MEDIUMVulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51517
MEDIUMVulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51516
MEDIUMPermission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally.
CVE-2024-51515
MEDIUMRace condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.
CVE-2024-51514
MEDIUMVulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51513
MEDIUMVulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.