VYPR

Hiwallet

by Huawei

CVEs (3)

  • CVE-2017-2704HigNov 22, 2017
    risk 0.49cvss 7.5epss 0.01

    Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and earlier versions,HiWallet 8.0.0.301 and earlier versions,Huawei Pay 8.0.0.300 and…

  • CVE-2017-8177MedNov 22, 2017
    risk 0.34cvss 5.3epss 0.00

    Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking.

  • CVE-2017-17149LowMar 9, 2018
    risk 0.25cvss 3.9epss 0.00

    Huawei HiWallet App with the versions before 8.0.4 has an arbitrary lock pattern change vulnerability. It needs to verify the user's Huawei ID during lock pattern change. An attacker with root privilege who gets a user's smart phone may bypass Huawei ID verification by special…