Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8159 | Incorrect Type Conversion or Cast vulnerability in Huawei products Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8155 | Missing Authentication for Critical Function vulnerability in Huawei B2338-168 Firmware V100R001C00 The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on a certain port. | 8.4 |
| 2017-11-22 | CVE-2017-8153 | Permission Issues vulnerability in Huawei Vmall Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. | 7.1 |
| 2017-11-22 | CVE-2017-8150 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8147 | Improper Input Validation vulnerability in Huawei products AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. | 7.5 |
| 2017-11-22 | CVE-2017-8142 | Use After Free vulnerability in Huawei Mate 9 Firmware and Mate 9 PRO Firmware The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8141 | Double Free vulnerability in Huawei P10 Plus Firmware The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8140 | Double Free vulnerability in Huawei P9 Plus Firmware Eval09C636B388/Vieal10 The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8138 | Cross-Site Request Forgery (CSRF) vulnerability in Huawei Hedex Lite HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2017-11-22 | CVE-2017-8137 | Untrusted Search Path vulnerability in Huawei Hedex Lite HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. | 7.8 |