网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

PLY Remote Code Execution Vulnerability in Some Huawei Products

来源: huawei_security · 发布时间 2026-06-10 08:00 (UTC+08:00) · 抓取时间 2026-06-10 21:44 (UTC+08:00)

摘要

The PLY (Python Lex-Yacc) library used by some Huawei products has a remote code execution vulnerability. Remote attackers may use the pickle file to trigger code execution. (Vulnerability ID:HWPSIRT-2026-41072) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID:CVE-2025-56005

标签

扩展字段

{
  "hw_psirt_ids": [
    "HWPSIRT-2026-41072"
  ],
  "language": "en",
  "sasn_no": "huawei-sa-PRCEViSHP-00915157",
  "sasn_version": "1.8",
  "severity": "Critical",
  "vulnerabilities": [
    {
      "cveId": "CVE-2025-56005",
      "hwPsirtId": "HWPSIRT-2026-41072"
    }
  ]
}