Vulnerabilities > CVE-2022-41600 - NULL Pointer Dereference vulnerability in Huawei Emui and Harmonyos

CVSS 3.4 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

LOW

local

low complexity

huawei

CWE-476

NVD

Published: 2022-10-14

Updated: 2022-10-15

Summary

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Harmonyos 2.0 Huawei Emui 11.0.1 Huawei Emui 12.0.0	3

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
https://consumer.huawei.com/en/support/bulletin/2022/10/