Huawei Huawei

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Huawei product.

RSS Feeds for Huawei security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Huawei products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Huawei Sorted by Most Security Vulnerabilities since 2018

Huawei Harmonyos836 vulnerabilities

Huawei Emui768 vulnerabilities

Huawei Magic Ui272 vulnerabilities

Huawei Fusioncompute11 vulnerabilities

Huawei Openeuler8 vulnerabilities

Huawei Bisheng Wnm Firmware7 vulnerabilities

Huawei Curiem Wfg9b Firmware5 vulnerabilities

Huawei Cv81 Wdm Firmware3 vulnerabilities

Huawei Aslan Al10 Firmware3 vulnerabilities

Huawei Smc2 02 vulnerabilities

Huawei Hilink Ai Life2 vulnerabilities

Huawei Ws7200 10 Firmware2 vulnerabilities

Huawei B612 Firmware2 vulnerabilities

Huawei Opengauss1 vulnerability

Huawei Myna Firmware1 vulnerability

Huawei Atune1 vulnerability

Huawei Policy Center1 vulnerability

Huawei Ultravr1 vulnerability

Huawei Ws7100 20 Firmware1 vulnerability

Huawei Egrt 00 Firmware1 vulnerability

Huawei Flmg 10 Firmware1 vulnerability

Huawei Mt8821 vulnerability

Huawei Jad Al50 Firmware1 vulnerability

Huawei Leia B29 Firmware1 vulnerability

Huawei Mate 20 Firmware1 vulnerability

Huawei Mate 30 Firmware1 vulnerability

By the Year

In 2025 there have been 78 vulnerabilities in Huawei with an average score of 6.9 out of ten. Last year, in 2024 Huawei had 207 security vulnerabilities published. Right now, Huawei is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.21.




Year Vulnerabilities Average Score
2025 78 6.94
2024 207 6.73
2023 249 7.49
2022 313 7.53
2021 255 7.33
2020 14 7.10
2019 12 6.93
2018 5 6.26

It may take a day or so for new Huawei vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Security Vulnerabilities

Vulnerability of insufficient information protection in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58252 5.5 - Medium - May 06, 2025

Vulnerability of insufficient information protection in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-46587 5.5 - Medium - May 06, 2025

Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2025-46588 7.7 - High - May 06, 2025

Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2025-46589 7.1 - High - May 06, 2025

Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability

CVE-2025-46590 6.5 - Medium - May 06, 2025

Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.

authentification

Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-46591 5.5 - Medium - May 06, 2025

Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds Read

Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-46592 5.5 - Medium - May 06, 2025

Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability.

NULL Pointer Dereference

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-46593 5.5 - Medium - May 06, 2025

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-46584 5.5 - Medium - May 06, 2025

Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Improper Handling of Exceptional Conditions

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-46585 7 - High - May 06, 2025

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-46586 5.5 - Medium - May 06, 2025

Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.

Incorrect Default Permissions

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58106 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58107 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58108 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58109 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58110 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58111 7.5 - High - April 07, 2025

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58112 7.5 - High - April 07, 2025

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58113 7.5 - High - April 07, 2025

Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability.

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58115 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58116 7.5 - High - April 07, 2025

Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58124 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58125 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58126 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58127 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2025-31170 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31171 5.5 - Medium - April 07, 2025

File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31172 5.5 - Medium - April 07, 2025

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31173 6.5 - Medium - April 07, 2025

Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31174 7.5 - High - April 07, 2025

Path traversal vulnerability in the DFS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2025-31175 7.5 - High - April 07, 2025

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

Marshaling, Unmarshaling

Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58043 5.5 - Medium - March 04, 2025

Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58044 5.5 - Medium - March 04, 2025

Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58045 4.7 - Medium - March 04, 2025

Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability.

Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58046 5.5 - Medium - March 04, 2025

Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58047 5.5 - Medium - March 04, 2025

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58050 5.5 - Medium - March 04, 2025

Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-27521 5.5 - Medium - March 04, 2025

Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Multi-thread problem vulnerability in the package management module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58048 4.7 - Medium - March 04, 2025

Multi-thread problem vulnerability in the package management module Impact: Successful exploitation of this vulnerability may affect availability.

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58049 5.5 - Medium - March 04, 2025

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-57956 7.5 - High - February 06, 2025

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

Out-of-bounds Read

Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57961 9.8 - Critical - February 06, 2025

Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Memory Corruption

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57954 7.5 - High - February 06, 2025

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57955 7.5 - High - February 06, 2025

Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57958 9.1 - Critical - February 06, 2025

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Out-of-bounds Read

Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-57962 7.5 - High - February 06, 2025

Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.

Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-12602 7.5 - High - February 06, 2025

Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57957 7.5 - High - February 06, 2025

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Insertion of Sensitive Information into Log File

Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57960 7.5 - High - February 06, 2025

Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57959 9.8 - Critical - February 06, 2025

Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Dangling pointer

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.