Vulnerabilities > Huawei
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8779 | Unspecified vulnerability in Huawei Fusionaccess V100R005C10/V100R005C20 Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database. | 6.5 |
| 2017-04-02 | CVE-2016-8776 | Improper Authorization vulnerability in Huawei P9 Firmware and P9 Lite Firmware Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. | 4.6 |
| 2017-04-02 | CVE-2016-8775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. | 6.7 |
| 2017-04-02 | CVE-2016-8774 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. | 6.7 |
| 2017-04-02 | CVE-2016-8773 | Improper Input Validation vulnerability in Huawei products Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets. | 7.5 |
| 2017-04-02 | CVE-2016-8769 | Permissions, Privileges, and Access Controls vulnerability in Huawei Utps Firmware V200R003B015D15Sp00C983 Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. | 6.7 |
| 2017-04-02 | CVE-2016-8768 | 7PK - Security Features vulnerability in Huawei products Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege. | 7.8 |
| 2017-04-02 | CVE-2016-8764 | Improper Input Validation vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. | 6.4 |
| 2017-04-02 | CVE-2016-8763 | Improper Control of a Resource Through its Lifetime vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation. | 7.8 |
| 2017-04-02 | CVE-2016-8762 | Improper Input Validation vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to cause the system to restart. | 5.0 |