Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-02 | CVE-2016-8761 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 7.8 |
| 2017-04-02 | CVE-2016-8760 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 7.8 |
| 2017-04-02 | CVE-2016-8759 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 7.8 |
| 2017-04-02 | CVE-2016-8754 | Use of Hard-coded Credentials vulnerability in Huawei Oceanstor 5600 V3 Firmware V300R003C00 Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys are used to encrypt communication data and authenticate different nodes of the devices. | 7.5 |
| 2017-04-02 | CVE-2016-8274 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | 7.8 |
| 2017-04-02 | CVE-2016-8273 | Improper Access Control vulnerability in Huawei Hisuite 4.0.5.300Ove Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and further compromise the PC. | 7.8 |
| 2017-04-02 | CVE-2016-2404 | Permissions, Privileges, and Access Controls vulnerability in Huawei products Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. | 7.5 |
| 2017-04-02 | CVE-2015-8671 | Permissions, Privileges, and Access Controls vulnerability in Huawei Logcenter V100R001C10 Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions. | 8.8 |
| 2017-04-02 | CVE-2015-7844 | Improper Input Validation vulnerability in Huawei Fusionaccess V100R005C10/V100R005C20 Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable. | 7.5 |
| 2017-04-02 | CVE-2014-9696 | Permissions, Privileges, and Access Controls vulnerability in Huawei Tecal E9000 Chassis Firmware V100R001C00Spc160 The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation. | 8.8 |