Search criteria
828 vulnerabilities found for magic_ui by huawei
FKIE_CVE-2022-39005
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP, presenta una vulnerabilidad de p\u00e9rdida de memoria. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar p\u00e9rdidas de memoria"
}
],
"id": "CVE-2022-39005",
"lastModified": "2024-11-21T07:17:21.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.090",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39006
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP presenta una vulnerabilidad de condici\u00f3n de carrera. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del dispositivo"
}
],
"id": "CVE-2022-39006",
"lastModified": "2024-11-21T07:17:21.667",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.133",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39004
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP, presenta una vulnerabilidad de p\u00e9rdida de memoria. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar p\u00e9rdidas de memoria"
}
],
"id": "CVE-2022-39004",
"lastModified": "2024-11-21T07:17:21.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.053",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39003
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento del b\u00fafer en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad e integridad de los componentes confiables"
}
],
"id": "CVE-2022-39003",
"lastModified": "2024-11-21T07:17:21.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.013",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38997
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38997",
"lastModified": "2024-11-21T07:17:20.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.820",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39001
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2025-06-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
},
{
"lang": "es",
"value": "El m\u00f3dulo de identificaci\u00f3n de n\u00fameros presenta una vulnerabilidad de salto de ruta. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la divulgaci\u00f3n de datos"
}
],
"id": "CVE-2022-39001",
"lastModified": "2025-06-03T18:15:22.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-09-16T18:15:17.937",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-38987
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38987",
"lastModified": "2024-11-21T07:17:19.183",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.437",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38978
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38978",
"lastModified": "2024-11-21T07:17:18.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.350",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39002
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice."
},
{
"lang": "es",
"value": "Una vulnerabilidad de doble liberaci\u00f3n en el m\u00f3dulo de almacenamiento. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 que la memoria sea liberada dos veces"
}
],
"id": "CVE-2022-39002",
"lastModified": "2024-11-21T07:17:21.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.977",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38990
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38990",
"lastModified": "2024-11-21T07:17:19.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.553",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-39000
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup."
},
{
"lang": "es",
"value": "El m\u00f3dulo iAware presenta una vulnerabilidad en la administraci\u00f3n de aplicaciones maliciosas. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 que las aplicaciones maliciosas sean iniciadas autom\u00e1ticamente al arrancar el sistema"
}
],
"id": "CVE-2022-39000",
"lastModified": "2024-11-21T07:17:20.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.900",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38988
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de SO seguro tiene defectos de configuraci\u00f3n. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar a la confidencialidad de los datos."
}
],
"id": "CVE-2022-38988",
"lastModified": "2024-11-21T07:17:19.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.477",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38993
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38993",
"lastModified": "2024-11-21T07:17:19.937",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.667",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38979
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38979",
"lastModified": "2024-11-21T07:17:18.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38991
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38991",
"lastModified": "2024-11-21T07:17:19.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.590",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38992
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38992",
"lastModified": "2024-11-21T07:17:19.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.630",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38989
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38989",
"lastModified": "2024-11-21T07:17:19.440",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.513",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-36600
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 05:29
Severity ?
Summary
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura fuera de l\u00edmites en el m\u00f3dulo de consumo de energ\u00eda. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del sistema"
}
],
"id": "CVE-2020-36600",
"lastModified": "2024-11-21T05:29:51.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.347",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-40019
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
},
{
"lang": "es",
"value": "Una vulnerabilidad de lectura de la pila fuera de l\u00edmites en el m\u00f3dulo HW_KEYMASTER. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites"
}
],
"id": "CVE-2021-40019",
"lastModified": "2024-11-21T06:23:23.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.497",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-36601
Vulnerability from fkie_nvd - Published: 2022-09-16 18:15 - Updated: 2024-11-21 05:29
Severity ?
Summary
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura fuera de l\u00edmites en los m\u00f3dulos del kernel. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un reinicio de p\u00e1nico"
}
],
"id": "CVE-2020-36601",
"lastModified": "2024-11-21T05:29:52.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.407",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-36601 (GCVE-0-2020-36601)
Vulnerability from cvelistv5 – Published: 2022-09-16 17:58 – Updated: 2024-08-04 17:30
VLAI?
Summary
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36601",
"datePublished": "2022-09-16T17:58:12",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36600 (GCVE-0-2020-36600)
Vulnerability from cvelistv5 – Published: 2022-09-16 17:58 – Updated: 2024-08-04 17:30
VLAI?
Summary
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36600",
"datePublished": "2022-09-16T17:58:09",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39003 (GCVE-0-2022-39003)
Vulnerability from cvelistv5 – Published: 2022-09-16 17:58 – Updated: 2024-08-03 11:10
VLAI?
Summary
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
Severity ?
No CVSS data available.
CWE
- Buffer overflow vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39003",
"datePublished": "2022-09-16T17:58:06",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40019 (GCVE-0-2021-40019)
Vulnerability from cvelistv5 – Published: 2022-09-16 17:58 – Updated: 2024-08-04 02:27
VLAI?
Summary
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds heap read vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds heap read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40019",
"datePublished": "2022-09-16T17:58:03",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39001 (GCVE-0-2022-39001)
Vulnerability from cvelistv5 – Published: 2022-09-16 17:57 – Updated: 2025-06-03 17:53
VLAI?
Summary
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
Severity ?
7.5 (High)
CWE
- Path traversal vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-39001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T17:52:36.152822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T17:53:06.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:57:48.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39001",
"datePublished": "2022-09-16T17:57:48.000Z",
"dateReserved": "2022-08-29T00:00:00.000Z",
"dateUpdated": "2025-06-03T17:53:06.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36601 (GCVE-0-2020-36601)
Vulnerability from nvd – Published: 2022-09-16 17:58 – Updated: 2024-08-04 17:30
VLAI?
Summary
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36601",
"datePublished": "2022-09-16T17:58:12",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36600 (GCVE-0-2020-36600)
Vulnerability from nvd – Published: 2022-09-16 17:58 – Updated: 2024-08-04 17:30
VLAI?
Summary
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds write vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36600",
"datePublished": "2022-09-16T17:58:09",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39003 (GCVE-0-2022-39003)
Vulnerability from nvd – Published: 2022-09-16 17:58 – Updated: 2024-08-03 11:10
VLAI?
Summary
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
Severity ?
No CVSS data available.
CWE
- Buffer overflow vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39003",
"datePublished": "2022-09-16T17:58:06",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40019 (GCVE-0-2021-40019)
Vulnerability from nvd – Published: 2022-09-16 17:58 – Updated: 2024-08-04 02:27
VLAI?
Summary
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
Severity ?
No CVSS data available.
CWE
- Out-of-bounds heap read vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds heap read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40019",
"datePublished": "2022-09-16T17:58:03",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39001 (GCVE-0-2022-39001)
Vulnerability from nvd – Published: 2022-09-16 17:57 – Updated: 2025-06-03 17:53
VLAI?
Summary
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
Severity ?
7.5 (High)
CWE
- Path traversal vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-39001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T17:52:36.152822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T17:53:06.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:57:48.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39001",
"datePublished": "2022-09-16T17:57:48.000Z",
"dateReserved": "2022-08-29T00:00:00.000Z",
"dateUpdated": "2025-06-03T17:53:06.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}