VYPR

Hisuite

by Huawei

CVEs (8)

  • CVE-2020-9100HigJul 6, 2020
    risk 0.51cvss 7.8epss 0.00

    Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing.

  • CVE-2016-8274HigApr 2, 2017
    risk 0.51cvss 7.8epss 0.00

    Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code.

  • CVE-2016-8273HigApr 2, 2017
    risk 0.51cvss 7.8epss 0.00

    Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and…

  • CVE-2016-5821HigJul 13, 2016
    risk 0.51cvss 7.8epss 0.00

    Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or…

  • CVE-2019-5263MedNov 29, 2019
    risk 0.36cvss 5.5epss 0.00

    HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the…

  • CVE-2019-5226MedNov 29, 2019
    risk 0.36cvss 5.5epss 0.00

    P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305…

  • CVE-2016-8272MedApr 2, 2017
    risk 0.34cvss 5.3epss 0.00

    Huawei PC client software HiSuite 4.0.5.300_OVE has an information leak vulnerability; an attacker who can log in to the system can copy out the user's proxy password, causing information leaks.

  • CVE-2016-4086MedJun 30, 2016
    risk 0.34cvss 5.3epss 0.00

    Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors.