Vulnerabilities > Huawei
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8180 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | 7.8 |
| 2017-11-22 | CVE-2017-8179 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | 7.8 |
| 2017-11-22 | CVE-2017-8178 | Cross-site Scripting vulnerability in Huawei Vicky-Al00 Firmware Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. | 5.4 |
| 2017-11-22 | CVE-2017-8177 | Improper Verification of Cryptographic Signature vulnerability in Huawei Hiwallet Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. | 5.3 |
| 2017-11-22 | CVE-2017-8175 | Improper Input Validation vulnerability in Huawei Vicky-Al00A, Victoria-Al00A and Warsaw-Al00 The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation. | 5.5 |
| 2017-11-22 | CVE-2017-8174 | Inadequate Encryption Strength vulnerability in Huawei products Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. | 7.5 |
| 2017-11-22 | CVE-2017-8173 | Unspecified vulnerability in Huawei products Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-L29C10B151 versions,earlier than VTR-L29C10B151 versions,earlier than Vicky-AL00AC00B162 versions,earlier than Victoria-AL00AC00B167 versions,earlier than Warsaw-AL00C00B200 versions have a Factory Reset Protection (FRP) bypass security vulnerability. low complexity huawei | 4.6 |
| 2017-11-22 | CVE-2017-8172 | Improper Validation of Array Index vulnerability in Huawei P10 Firmware and P10 Plus Firmware Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service (DoS) vulnerability. | 5.5 |
| 2017-11-22 | CVE-2017-8171 | Exposure of Resource to Wrong Sphere vulnerability in Huawei P10 Plus Firmware Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. | 4.6 |
| 2017-11-22 | CVE-2017-8170 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Vie-L09 Firmware Viel09C02B131/Viel09C25B120/Viel09C40B181 Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |