Description
HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execute arbitrary code.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190612-01-dllhijacking-en
Scores
CVSS v3
5.3
EPSS
0.0006
EPSS Percentile
18.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-427
Status
published
Products (1)
huawei/hisuite
< 9.1.0.300
Published
Jun 13, 2019
Tracked Since
Feb 18, 2026