CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56438
https://notcve.org/view.php?id=CVE-2024-56438
08 Jan 2025 — Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-840: Business Logic Errors •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56437
https://notcve.org/view.php?id=CVE-2024-56437
08 Jan 2025 — Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52955
https://notcve.org/view.php?id=CVE-2023-52955
08 Jan 2025 — Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52954
https://notcve.org/view.php?id=CVE-2023-52954
08 Jan 2025 — Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE CATEGORY •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52953
https://notcve.org/view.php?id=CVE-2023-52953
08 Jan 2025 — Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56436
https://notcve.org/view.php?id=CVE-2024-56436
08 Jan 2025 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56435
https://notcve.org/view.php?id=CVE-2024-56435
08 Jan 2025 — Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56434
https://notcve.org/view.php?id=CVE-2024-56434
08 Jan 2025 — UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device. UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52718
https://notcve.org/view.php?id=CVE-2023-52718
28 Dec 2024 — A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-52718 • https://www.huawei.com/br/psirt/security-advisories/2024/huawei-sa-chvishhr-d50dedde-en • CWE-420: Unprotected Alternate Channel •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7263
https://notcve.org/view.php?id=CVE-2023-7263
28 Dec 2024 — Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been assigned a (CVE)ID:CVE-2023-7263 • https://www.huawei.com/en/psirt/security-advisories/2024/huawei-sa-ptvihhms-20747ba3-en • CWE-35: Path Traversal: '.../ •