Vulnerabilities > CVE-2022-39008 - Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |
Common Weakness Enumeration (CWE)
References
- https://consumer.huawei.com/en/support/bulletin/2022/9/
- https://consumer.huawei.com/en/support/bulletin/2022/9/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845