huawei security advisories
14 threat alerts tracking vulnerabilities and security advisories that affect huawei products.
Vulnios monitors huawei CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent huawei security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2017-2738 — huawei — vcm5010_firmware, vcm5010
VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthe
criticalCVE-2017-2738Critical Vulnerability: CVE-2017-8122 — huawei — uma
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit
criticalCVE-2017-8122Critical Vulnerability: CVE-2017-8129 — huawei — uma
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packet
criticalCVE-2017-8129Critical Vulnerability: CVE-2017-8119 — huawei — uma
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packet
criticalCVE-2017-8119Critical Vulnerability: CVE-2017-8120 — huawei — uma
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packet
criticalCVE-2017-8120Critical Vulnerability: CVE-2017-8117 — huawei — uma
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packet
criticalCVE-2017-8117Critical Vulnerability: CVE-2017-8123 — huawei — uma
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit
criticalCVE-2017-8123Critical Vulnerability: CVE-2017-8128 — huawei — uma
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packet
criticalCVE-2017-8128Critical Vulnerability: CVE-2017-8124 — huawei — uma
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit
criticalCVE-2017-8124Critical Vulnerability: CVE-2017-8126 — huawei — uma
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit
criticalCVE-2017-8126Critical Vulnerability: CVE-2015-7841 — huawei — fusionserver_ch121_v3, fusionserver_ch220_v3
The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100
criticalCVE-2015-7841Critical Vulnerability: CVE-2015-4629 — huawei — e5756s_firmware, e5756s
Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions.
criticalCVE-2015-4629Critical Vulnerability: CVE-2014-9693 — huawei — tecal_rh1288_v2_firmware, tecal_rh1288_v2
Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R0
criticalCVE-2014-9693Critical Vulnerability: CVE-2016-6206 — huawei — ar3200_firmware, ar3200
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
criticalCVE-2016-6206
Track huawei exposure across your environment
Vulnios automatically cross-references your asset inventory against new huawei CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan