cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-54121,https://securityvulnerability.io/vulnerability/CVE-2024-54121,Startup Control Vulnerability in Ability Module Affecting Huawei Products,"The vulnerability in the Ability module allows for a startup control issue that could lead to abnormal performance of features within affected Huawei products. Exploiting this flaw may result in unintended behavior, impacting the functionality and user experience. Users are encouraged to apply the latest patches as recommended.",Huawei,Harmonyos,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T03:24:36.500Z,0
CVE-2024-56449,https://securityvulnerability.io/vulnerability/CVE-2024-56449,Privilege Escalation Vulnerability in Huawei Account Module,"The vulnerability enables a user to gain elevated privileges within Huawei's Account module, potentially compromising service confidentiality. If exploited, it could allow unauthorized access to sensitive data and functionality, making it critical for affected users to apply the latest security patches promptly to mitigate the risk.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T03:13:25.971Z,0
CVE-2024-56448,https://securityvulnerability.io/vulnerability/CVE-2024-56448,Improper Access Control in Huawei Home Screen Widget Module,"The vulnerability involves improper access control mechanisms within the home screen widget module of Huawei devices. This flaw could lead to unauthorized access or exploitation, potentially compromising user security and affecting the availability of the affected systems. It underscores the importance of implementing robust access control measures in software development to safeguard users against potential attacks.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T03:11:56.159Z,0
CVE-2024-56447,https://securityvulnerability.io/vulnerability/CVE-2024-56447,Improper Permission Control in Huawei's Window Management Module,"The vulnerability involves improper permission control within Huawei's window management module. Exploiting this flaw could potentially compromise service confidentiality, allowing unauthorized access to sensitive information. Users are advised to update to the latest version as a precaution against possible exploitation. For detailed guidance, refer to Huawei's security bulletin.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T03:03:11.490Z,0
CVE-2024-56446,https://securityvulnerability.io/vulnerability/CVE-2024-56446,Notification Module Vulnerability in Huawei Product,"A security issue exists in Huawei's Notification Module due to uninitialized variables. Failure to properly initialize these variables can lead to potential disruptions in service availability, allowing unauthorized access or manipulation of the system. Administrators should be aware of this vulnerability to mitigate any risks associated with the exploitation of uninitialized variables.",Huawei,Harmonyos,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T03:01:49.820Z,0
CVE-2024-56444,https://securityvulnerability.io/vulnerability/CVE-2024-56444,Cross-Process Screen Stack Vulnerability in Huawei UIExtension Module,"The UIExtension module developed by Huawei contains a cross-process screen stack vulnerability. This flaw allows an attacker to exploit the system, possibly leading to a compromise of service confidentiality. It is crucial for users to be aware of this vulnerability and apply the necessary security measures to protect their systems.",Huawei,Harmonyos,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T02:44:26.370Z,0
CVE-2024-56443,https://securityvulnerability.io/vulnerability/CVE-2024-56443,Cross-Process Screen Stack Flaw in UIExtension Module by Huawei,"The UIExtension module developed by Huawei contains a vulnerability that allows for cross-process screen stack attacks. Exploiting this flaw may compromise the confidentiality of sensitive services, enabling unauthorized access to information. Organizations using affected versions of the UIExtension module should implement immediate security measures to safeguard against potential exploitation.",Huawei,Harmonyos,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T02:37:31.730Z,0
CVE-2024-56442,https://securityvulnerability.io/vulnerability/CVE-2024-56442,NFC Service Module Vulnerability in Huawei Devices,"The NFC service module in Huawei devices presents a vulnerability due to the insufficient implementation of native APIs. This flaw can lead to abnormal behavior of features that rely on the NFC service, potentially impacting user experience and device functionality. It is crucial for users and administrators to remain vigilant and keep their software updated to mitigate potential risks.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T02:20:03.579Z,0
CVE-2024-56440,https://securityvulnerability.io/vulnerability/CVE-2024-56440,Permission Control Vulnerability in Huawei Connectivity Module,"A permission control vulnerability exists in Huawei's Connectivity module that may allow unauthorized access to certain features. Successful exploitation could lead to abnormal functionality of these features, posing potential risks to user privacy and system integrity.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T02:08:46.885Z,0
CVE-2024-56439,https://securityvulnerability.io/vulnerability/CVE-2024-56439,Access Control Flaw in Huawei Identity Authentication Module,An access control vulnerability in Huawei's Identity Authentication Module may allow unauthorized access to sensitive service components. Successful exploitation can compromise the confidentiality of services by enabling attackers to bypass security controls. It is crucial for users and administrators to apply the necessary updates to mitigate potential risks associated with this vulnerability.,Huawei,Harmonyos,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T02:05:13.262Z,0
CVE-2024-56438,https://securityvulnerability.io/vulnerability/CVE-2024-56438,Improper Memory Address Protection in HUKS Module Affects Huawei Products,"The HUKS (Huawei Key Storage) module contains a vulnerability due to improper memory address protection. This flaw may allow attackers to exploit the system, potentially leading to unauthorized access or manipulation, ultimately impacting the availability of affected applications and services.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T02:04:06.730Z,0
CVE-2024-56437,https://securityvulnerability.io/vulnerability/CVE-2024-56437,Input Parameter Verification Flaw in Widget Framework Module by Huawei,A vulnerability exists in the widget framework module of Huawei products due to unverified input parameters. This flaw can potentially lead to unauthorized access and impact the availability of the affected products. Proper validation of inputs is crucial to prevent exploitation in applications relying on this framework.,Huawei,Harmonyos,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T02:01:27.893Z,0
CVE-2023-52955,https://securityvulnerability.io/vulnerability/CVE-2023-52955,Improper Authentication Vulnerability in ANS System Service Module by Huawei,"An improper authentication vulnerability exists in Huawei's ANS system service module, potentially allowing unauthorized access or abnormal feature performance. Successful exploitation could lead to severe impacts on system integrity and functionality, necessitating immediate attention and remediation.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T02:00:17.658Z,0
CVE-2023-52954,https://securityvulnerability.io/vulnerability/CVE-2023-52954,Improper Permission Control in Gallery Module of Huawei Devices,"The Gallery module in Huawei devices contains a vulnerability that arises from inadequate permission controls. This security flaw can be exploited to impact the availability of the service, potentially allowing unauthorized access or manipulation of gallery content. Users are advised to ensure their devices are updated and to follow best practices in cybersecurity to mitigate risks associated with this vulnerability.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T01:51:55.588Z,0
CVE-2023-52953,https://securityvulnerability.io/vulnerability/CVE-2023-52953,Path Traversal Flaw in Medialibrary Module by Huawei,"A path traversal vulnerability exists in the Medialibrary module developed by Huawei, which can be exploited to gain unauthorized access to file system paths. This can lead to a compromise of both integrity and confidentiality, allowing attackers to read sensitive files outside the intended directories. Organizations using this module should take immediate action to mitigate the risk.",Huawei,"Harmonyos,Emui",9.1,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-01-08T01:48:23.333Z,0
CVE-2024-56436,https://securityvulnerability.io/vulnerability/CVE-2024-56436,Cross-Process Screen Stack Vulnerability in Huawei's UIExtension Module,"The UIExtension module developed by Huawei contains a cross-process screen stack vulnerability. This issue may allow unauthorized entities to access sensitive information, thereby compromising the confidentiality of the services utilizing this module. It is critical for users and organizations leveraging Huawei products to apply necessary updates and mitigations to reduce the potential risk posed by this vulnerability.",Huawei,Harmonyos,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T01:46:26.175Z,0
CVE-2024-56435,https://securityvulnerability.io/vulnerability/CVE-2024-56435,Cross-Process Screen Stack Vulnerability in UIExtension Module by Huawei,"The vulnerability in the UIExtension module allows for potential unauthorized access to service confidentiality through a cross-process screen stack exploitation. This flaw can permit malicious actors to bypass isolation measures, compromising the integrity and confidentiality of sensitive information processed through the affected module.",Huawei,Harmonyos,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-01-08T01:33:41.726Z,0
CVE-2024-56434,https://securityvulnerability.io/vulnerability/CVE-2024-56434,Use-After-Free Vulnerability in Huawei Device Node Access Module,"A Use-After-Free (UAF) vulnerability exists within the device node access module developed by Huawei. This vulnerability could lead to service exceptions, potentially compromising the security and reliability of affected Huawei products. Successful exploitation of this flaw may allow unauthorized access or manipulation of device functions, posing a significant risk to users.",Huawei,"Harmonyos,Emui",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-08T01:32:32.297Z,0
CVE-2023-52718,https://securityvulnerability.io/vulnerability/CVE-2023-52718,Connection Hijacking Vulnerability in Huawei Home Routers,"A connection hijacking vulnerability has been identified in certain Huawei home routers, which can be exploited to disrupt network services or leak sensitive information. This vulnerability poses a significant risk to users who rely on these devices for secure internet access. It highlights the importance of maintaining up-to-date firmware and implementing robust security practices to mitigate potential threats.",Huawei,Pt9030-15 Firmware,8.1,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,false,,2024-12-28T08:15:00.000Z,0
CVE-2023-7266,https://securityvulnerability.io/vulnerability/CVE-2023-7266,Connection Hijacking Vulnerability in Huawei Home Routers,"A connection hijacking vulnerability in certain Huawei home routers poses significant security risks. Successful exploitation enables attackers to intercept and manipulate network connections, potentially leading to denial of service (DoS) conditions or unauthorized access to sensitive information. Users of affected Huawei router models are advised to review their security configurations and apply necessary updates to mitigate risks associated with this vulnerability.",Huawei,Tc7001-10 Firmware,8.1,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,false,,2024-12-28T07:15:00.000Z,0
CVE-2021-22484,https://securityvulnerability.io/vulnerability/CVE-2021-22484,Data Size Verification Flaw in Huawei Wearables,"Certain Huawei wearable devices exhibit a vulnerability characterized by the lack of verification for actual data size during data reading operations. This oversight may facilitate exploitation that could lead to a server out of memory (OOM) situation, potentially compromising device performance and overall user experience. It is crucial for users and organizations relying on these devices to stay informed about such vulnerabilities and consider applying the necessary updates to mitigate risks associated with potential exploitation.",Huawei,Harmonyos,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-28T06:50:40.877Z,0
CVE-2021-37000,https://securityvulnerability.io/vulnerability/CVE-2021-37000,Permission Management Vulnerability in Huawei Wearables,"A notable vulnerability has been identified in certain Huawei wearable devices concerning their permission management system. This issue could allow unauthorized access or manipulation of device functionality, potentially compromising the user experience and overall security. Users of affected Huawei wearables should remain vigilant about device permissions and updates to ensure their devices are secure against potential exploits. This vulnerability highlights the importance of robust permission management in wearable technology, as it plays a crucial role in safeguarding sensitive user data.",Huawei,Harmonyos,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-28T06:47:41.434Z,0
CVE-2020-9236,https://securityvulnerability.io/vulnerability/CVE-2020-9236,Improper Interface Design in Huawei Products,"An improper interface design vulnerability has been identified in multiple products by Huawei, where specific operations of a module interface are not handled properly. This oversight allows attackers to exploit the vulnerability, facilitating the execution of unauthorized actions that compromise the functionality and security of the module service. As organizations increasingly rely on Huawei's networking solutions, awareness and proactive measures to mitigate this vulnerability are crucial for maintaining robust cybersecurity defenses.",Huawei,Fusioncompute,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,false,false,false,,2024-12-27T09:52:11.426Z,0
CVE-2020-9222,https://securityvulnerability.io/vulnerability/CVE-2020-9222,Privilege Escalation Vulnerability in Huawei FusionCompute Products,"A serious privilege escalation issue has been identified within Huawei's FusionCompute product line. This vulnerability arises from inadequate verification measures during the deserialization process of specific files, creating a potential exploit vector for local attackers. If successfully exploited, attackers could manipulate the system to gain elevated permissions, compromising the integrity of the affected environments. Organizations utilizing Huawei FusionCompute should take immediate action to assess their security posture, implement necessary patches, and ensure that systems are fortified against such vulnerabilities. For detailed security advisories and remediation strategies, refer to Huawei's official security advisory.",Huawei,Fusioncompute,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-27T09:50:01.133Z,0
CVE-2020-9211,https://securityvulnerability.io/vulnerability/CVE-2020-9211,Out-of-Bound Read and Write Vulnerability in Huawei Smartphones,"A vulnerability exists in Huawei smartphones that allows for out-of-bound read and write operations. This issue arises due to insufficient input verification in a specific module. Attackers can exploit this vulnerability by altering certain configurations, which may lead to unauthorized data access or manipulation, ultimately resulting in denial of service. It is essential for users of affected Huawei devices to be aware of this vulnerability and take necessary measures to ensure their security. For further details, refer to Huawei's security advisory.",Huawei,Huawei Mate 30,7.2,HIGH,0.0005000000237487257,false,,false,false,false,,false,false,false,,2024-12-27T09:48:18.593Z,0