Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.
Published: Updated:
Vulnerability Type: Security feature bypass
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.3
Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.
Published: Updated:
Vulnerability Type: Cross site scripting
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
Published: Updated:
Vulnerability Type: Cross site scripting
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.3
Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.3
Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.
Published: Updated:
Vulnerability Type: Cross site scripting
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
Published: Updated:
Vulnerability Type: Cross site scripting
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
Published: Updated:
Vulnerability Type: Cross site scripting
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.3
Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.
Published: Updated:
Vulnerability Type: Race condition
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.9
Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
Published: Updated:
Vulnerability Type: Security feature bypass
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.
Published: Updated:
Vulnerability Type: Security feature bypass
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
Published: Updated:
Vulnerability Type: Design/Logic Flaw
Vendor(s): Huawei
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5
Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Published: Updated:
Vulnerability Type: Security feature bypass
Vendor(s): Huawei
Significant
Remediate Within one Month
CVSS v2N/ACVSS v39.1
Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.
