Search criteria
48 vulnerabilities
CVE-2025-57837 (GCVE-0-2025-57837)
Vulnerability from cvelistv5 – Published: 2025-10-20 08:12 – Updated: 2025-10-20 13:01
VLAI?
Summary
Tileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57837",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T12:58:36.486636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T13:01:50.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FCP-AN10",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.1.173",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
}
],
"value": "Tileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T08:12:19.416Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-57837/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-57837",
"datePublished": "2025-10-20T08:12:19.416Z",
"dateReserved": "2025-08-21T03:17:26.137Z",
"dateUpdated": "2025-10-20T13:01:50.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57839 (GCVE-0-2025-57839)
Vulnerability from cvelistv5 – Published: 2025-10-20 08:04 – Updated: 2025-10-20 13:19
VLAI?
Summary
Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
Severity ?
4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57839",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T13:13:15.933581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T13:19:06.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MagicOS",
"vendor": "Honor",
"versions": [
{
"lessThan": "9.0.0.100",
"status": "affected",
"version": "Magic OS",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePhoto module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
}
],
"value": "Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T08:04:00.881Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-57839/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-57839",
"datePublished": "2025-10-20T08:04:00.881Z",
"dateReserved": "2025-08-21T03:17:26.138Z",
"dateUpdated": "2025-10-20T13:19:06.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-57838 (GCVE-0-2025-57838)
Vulnerability from cvelistv5 – Published: 2025-10-20 07:58 – Updated: 2025-10-20 13:32
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
Severity ?
4 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57838",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T13:32:05.519104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T13:32:29.053Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MagicOS",
"vendor": "Honor",
"versions": [
{
"lessThan": "9.0.0.100",
"status": "affected",
"version": "MagicOS",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T07:58:07.686Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-57838/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-57838",
"datePublished": "2025-10-20T07:58:07.686Z",
"dateReserved": "2025-08-21T03:17:26.138Z",
"dateUpdated": "2025-10-20T13:32:29.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1532 (GCVE-0-2025-1532)
Vulnerability from cvelistv5 – Published: 2025-04-17 09:31 – Updated: 2025-04-17 18:17
VLAI?
Summary
Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity.
Severity ?
8.1 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Honor | com.hihonor.phoneservice |
Affected:
11.0.0.271 , < 11.0.0.276
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1532",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T15:06:36.043383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T18:17:23.339Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.hihonor.phoneservice",
"vendor": "Honor",
"versions": [
{
"lessThan": "11.0.0.276",
"status": "affected",
"version": "11.0.0.271",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePhoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity.\u003c/span\u003e"
}
],
"value": "Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T09:31:17.816Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-1532/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code Injection Vulnerability in Phoneservice",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-1532",
"datePublished": "2025-04-17T09:31:17.816Z",
"dateReserved": "2025-02-21T01:20:06.608Z",
"dateUpdated": "2025-04-17T18:17:23.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2188 (GCVE-0-2025-2188)
Vulnerability from cvelistv5 – Published: 2025-04-17 09:28 – Updated: 2025-04-17 17:47
VLAI?
Summary
There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity.
Severity ?
8.1 (High)
CWE
- CWE-290 - Authentication Bypass by Spoofing
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Honor | com.hihonor.gamecenter |
Affected:
16.0.23 , < 16.0.23.304
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T15:50:43.979940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T17:47:58.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.hihonor.gamecenter",
"vendor": "Honor",
"versions": [
{
"lessThan": "16.0.23.304",
"status": "affected",
"version": "16.0.23",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity.\u003c/span\u003e"
}
],
"value": "There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T09:29:06.666Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-2188/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Whitelist bypass Vulnerability in GameCenter",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-2188",
"datePublished": "2025-04-17T09:28:58.004Z",
"dateReserved": "2025-03-11T03:51:59.522Z",
"dateUpdated": "2025-04-17T17:47:58.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2197 (GCVE-0-2025-2197)
Vulnerability from cvelistv5 – Published: 2025-04-17 09:25 – Updated: 2025-04-17 18:06
VLAI?
Summary
Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability.
Severity ?
4.3 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Honor | com. hihonor.baidu.browser |
Affected:
8.1.0.6 , < 8.1.1.3
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-17T16:01:34.755784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T18:06:20.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "com. hihonor.baidu.browser",
"product": "com. hihonor.baidu.browser",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.1.1.3",
"status": "affected",
"version": "8.1.0.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eBrowser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability.\u003c/div\u003e"
}
],
"value": "Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T09:25:46.870Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2025-2197/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Type Confusion Vulnerability in Browser",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2025-2197",
"datePublished": "2025-04-17T09:25:46.870Z",
"dateReserved": "2025-03-11T08:01:10.174Z",
"dateUpdated": "2025-04-17T18:06:20.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47150 (GCVE-0-2024-47150)
Vulnerability from cvelistv5 – Published: 2024-12-26 12:16 – Updated: 2024-12-26 16:13
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:13:28.101955Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:13:32.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.135",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T12:16:26.133Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47150/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47150",
"datePublished": "2024-12-26T12:16:26.133Z",
"dateReserved": "2024-09-19T03:18:03.411Z",
"dateUpdated": "2024-12-26T16:13:32.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47149 (GCVE-0-2024-47149)
Vulnerability from cvelistv5 – Published: 2024-12-26 12:07 – Updated: 2024-12-26 16:16
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47149",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:16:30.637863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:16:35.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.64",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T12:07:12.425Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47149/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47149",
"datePublished": "2024-12-26T12:07:12.425Z",
"dateReserved": "2024-09-19T03:18:03.411Z",
"dateUpdated": "2024-12-26T16:16:35.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47148 (GCVE-0-2024-47148)
Vulnerability from cvelistv5 – Published: 2024-12-26 12:01 – Updated: 2024-12-26 16:25
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
4 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:22:05.320017Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:25:15.454Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.1.112",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T12:01:43.893Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47148/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47148",
"datePublished": "2024-12-26T12:01:43.893Z",
"dateReserved": "2024-09-19T03:18:03.411Z",
"dateUpdated": "2024-12-26T16:25:15.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47157 (GCVE-0-2024-47157)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:52 – Updated: 2024-12-27 14:34
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:24:35.567339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:34:59.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.157",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:52:40.429Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47157/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47157",
"datePublished": "2024-12-26T11:52:40.429Z",
"dateReserved": "2024-09-19T03:18:03.412Z",
"dateUpdated": "2024-12-27T14:34:59.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47155 (GCVE-0-2024-47155)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:47 – Updated: 2024-12-27 14:31
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
5.5 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:31:00.583875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:31:59.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.135",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:47:45.436Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47155/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47155",
"datePublished": "2024-12-26T11:47:45.436Z",
"dateReserved": "2024-09-19T03:18:03.412Z",
"dateUpdated": "2024-12-27T14:31:59.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47154 (GCVE-0-2024-47154)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:39 – Updated: 2024-12-27 14:35
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
5.5 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:35:50.268457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:35:54.631Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.173",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:39:52.536Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47154/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47154",
"datePublished": "2024-12-26T11:39:52.536Z",
"dateReserved": "2024-09-19T03:18:03.412Z",
"dateUpdated": "2024-12-27T14:35:54.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47153 (GCVE-0-2024-47153)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:31 – Updated: 2024-12-27 14:36
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
6.2 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:36:44.239320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:36:48.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.159",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:31:46.763Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47153/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47153",
"datePublished": "2024-12-26T11:31:46.763Z",
"dateReserved": "2024-09-19T03:18:03.412Z",
"dateUpdated": "2024-12-27T14:36:48.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8992 (GCVE-0-2024-8992)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:28 – Updated: 2024-12-26 16:38
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
4 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:38:02.266886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:38:20.375Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.159",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:28:54.956Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-8992/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-8992",
"datePublished": "2024-12-26T11:28:54.956Z",
"dateReserved": "2024-09-19T03:18:23.451Z",
"dateUpdated": "2024-12-26T16:38:20.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8993 (GCVE-0-2024-8993)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:18 – Updated: 2024-12-26 16:38
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
6.2 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:38:31.748256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:38:58.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.159",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:18:11.112Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-8993/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-8993",
"datePublished": "2024-12-26T11:18:11.112Z",
"dateReserved": "2024-09-19T03:18:26.237Z",
"dateUpdated": "2024-12-26T16:38:58.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8994 (GCVE-0-2024-8994)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:13 – Updated: 2024-12-26 16:39
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
6.2 (Medium)
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:39:28.528587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:39:32.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.159",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:13:17.488Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-8994/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-8994",
"datePublished": "2024-12-26T11:13:17.488Z",
"dateReserved": "2024-09-19T03:18:29.011Z",
"dateUpdated": "2024-12-26T16:39:32.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47151 (GCVE-0-2024-47151)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:09 – Updated: 2024-12-26 16:40
VLAI?
Summary
Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution
Severity ?
6.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Credits
wrlu
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:40:05.788797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:40:23.453Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.135",
"status": "affected",
"version": "8.0.0.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wrlu"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by file writing vulnerability, successful exploitation could cause code execution\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:09:01.825Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47151/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47151",
"datePublished": "2024-12-26T11:09:01.825Z",
"dateReserved": "2024-09-19T03:18:03.411Z",
"dateUpdated": "2024-12-26T16:40:23.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47156 (GCVE-0-2024-47156)
Vulnerability from cvelistv5 – Published: 2024-12-26 11:02 – Updated: 2024-12-26 16:41
VLAI?
Summary
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Credits
ycmint working with ADLab of VenusTech
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-26T16:40:56.024878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T16:41:09.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MagicOS",
"vendor": "Honor",
"versions": [
{
"lessThan": "8.0.0.135",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ycmint working with ADLab of VenusTech"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
}
],
"value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T11:09:51.840Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.honor.com/global/security/cve-2024-47156/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Leak Vulnerability in Honor Product",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2024-47156",
"datePublished": "2024-12-26T11:02:40.837Z",
"dateReserved": "2024-09-19T03:18:03.412Z",
"dateUpdated": "2024-12-26T16:41:09.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51435 (GCVE-0-2023-51435)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:51 – Updated: 2025-04-17 20:21
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
7.1 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51435/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T16:38:06.303616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T20:21:51.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.1.0.212",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:51:46.940Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51435/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51435",
"datePublished": "2023-12-29T03:51:46.940Z",
"dateReserved": "2023-12-19T01:27:50.842Z",
"dateUpdated": "2025-04-17T20:21:51.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51434 (GCVE-0-2023-51434)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:49 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution.
Severity ?
9.3 (Critical)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51434/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.1.0.212",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by buffer overflow vulnerability, successful exploitation could cause code execution.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:49:46.394Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51434/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51434",
"datePublished": "2023-12-29T03:49:46.394Z",
"dateReserved": "2023-12-19T01:27:50.842Z",
"dateUpdated": "2024-08-02T22:32:09.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51433 (GCVE-0-2023-51433)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:47 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51433/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.1.0.212",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:47:34.013Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51433/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51433",
"datePublished": "2023-12-29T03:47:34.013Z",
"dateReserved": "2023-12-19T01:27:50.842Z",
"dateUpdated": "2024-08-02T22:32:09.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51432 (GCVE-0-2023-51432)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:45 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.
Severity ?
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51432/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.1.0.212",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:45:42.193Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51432/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51432",
"datePublished": "2023-12-29T03:45:42.193Z",
"dateReserved": "2023-12-19T01:27:50.842Z",
"dateUpdated": "2024-08-02T22:32:09.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51431 (GCVE-0-2023-51431)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:43 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Honor | com.hihonor.phoneservice |
Affected:
11.0.0.241 , < 11.0.0.243
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51431/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.hihonor.phoneservice\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "11.0.0.243",
"status": "affected",
"version": "11.0.0.241",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:43:09.979Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51431/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51431",
"datePublished": "2023-12-29T03:43:09.979Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51430 (GCVE-0-2023-51430)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:39 – Updated: 2024-11-27 15:25
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
4.4 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51430/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T20:40:51.313330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T15:25:26.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.1.0.212",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:39:19.062Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51430/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51430",
"datePublished": "2023-12-29T03:39:19.062Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-11-27T15:25:26.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51429 (GCVE-0-2023-51429)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:36 – Updated: 2024-09-09 17:42
VLAI?
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.
Severity ?
6 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51429",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T17:41:47.514180Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T17:42:09.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:36:16.905Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51429/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51429",
"datePublished": "2023-12-29T03:36:16.905Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-09-09T17:42:09.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51428 (GCVE-0-2023-51428)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:32 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:32:31.596Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51428/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51428",
"datePublished": "2023-12-29T03:32:31.596Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51427 (GCVE-0-2023-51427)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:30 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\u003cbr\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:30:31.955Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51427/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51427",
"datePublished": "2023-12-29T03:30:31.955Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51426 (GCVE-0-2023-51426)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:28 – Updated: 2024-08-02 22:32
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.129",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:28:07.173Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-51426/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-51426",
"datePublished": "2023-12-29T03:28:07.173Z",
"dateReserved": "2023-12-19T01:27:50.841Z",
"dateUpdated": "2024-08-02T22:32:09.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6939 (GCVE-0-2023-6939)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:23 – Updated: 2024-08-02 08:42
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service.
Severity ?
4 (Medium)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-6939/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic UI",
"vendor": "Honor",
"versions": [
{
"lessThan": "6.0.0.217",
"status": "affected",
"version": "6.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service.\u003c/span\u003e"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:23:59.852Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-6939/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-6939",
"datePublished": "2023-12-29T03:23:59.852Z",
"dateReserved": "2023-12-19T01:27:23.630Z",
"dateUpdated": "2024-08-02T08:42:08.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23443 (GCVE-0-2023-23443)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:18 – Updated: 2025-04-17 20:22
VLAI?
Summary
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
Severity ?
4.6 (Medium)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23443",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T16:36:46.242916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T20:22:45.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Magic OS",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.0.0.156",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
}
],
"value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:18:41.853Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23443/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23443",
"datePublished": "2023-12-29T03:18:41.853Z",
"dateReserved": "2023-01-12T04:00:30.137Z",
"dateUpdated": "2025-04-17T20:22:45.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}