Entry Thumbnail

Huawei Hypervisor HKIP Bypass

We have identified a new vulnerability in Huawei’s Hypervisor implementation. The vulnerability can be exploited to bypass Huawei’s HKIP (Kernel Integrity Protection) exploit mitigations. The vulnerability we are disclosing in this advisory affected a wide range of Huawei devices, including phones on the newest chipsets. The vendor did not produce […]

Posted by
Entry Thumbnail

CVE-2025-20678: Mediatek Baseband Unbounded Recursion Leading to Stack Overflow During Handling XML Payload

An attacker sending a malformed SIP message over VoLTE to a device with a Mediatek baseband can trigger the vulnerability described here. This report describes an unbounded recursion issue, which leads to stack overflow. (Note: the issue is stack overflow not stack **buffer** overtflow, i.e. an out-of-bounds write beyond a […]

Posted by