Vulnerabilities > Huawei > Emui > 11.0.1

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2021-40017 Improper Input Validation vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module lacks the validity check of the key format.
network
low complexity
huawei CWE-20
critical
 9.8
9.8
2022-09-16 CVE-2022-39000 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
network
low complexity
huawei
critical
 9.8
9.8
2022-09-16 CVE-2022-39001 Path Traversal vulnerability in Huawei Emui, Harmonyos and Magic UI
The number identification module has a path traversal vulnerability.
network
low complexity
huawei CWE-22
7.5
7.5
2022-09-16 CVE-2022-39004 Memory Leak vulnerability in Huawei Emui, Harmonyos and Magic UI
The MPTCP module has the memory leak vulnerability.
network
low complexity
huawei CWE-401
7.5
7.5
2022-09-16 CVE-2022-39005 Memory Leak vulnerability in Huawei Emui, Harmonyos and Magic UI
The MPTCP module has the memory leak vulnerability.
network
low complexity
huawei CWE-401
7.5
7.5
2022-09-16 CVE-2022-39006 Race Condition vulnerability in Huawei Emui, Harmonyos and Magic UI
The MPTCP module has the race condition vulnerability.
network
high complexity
huawei CWE-362
5.9
5.9
2022-08-10 CVE-2022-37002 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The SystemUI module has a privilege escalation vulnerability.
network
low complexity
huawei
critical
 9.8
9.8
2022-08-10 CVE-2022-37004 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE).
network
low complexity
huawei
7.5
7.5
2022-08-10 CVE-2022-37005 Argument Injection or Modification vulnerability in Huawei Emui, Harmonyos and Magic UI
The Settings application has an argument injection vulnerability.
network
low complexity
huawei CWE-88
7.5
7.5
2022-08-10 CVE-2022-37008 Insufficient Verification of Data Authenticity vulnerability in Huawei Emui, Harmonyos and Magic UI
The recovery module has a vulnerability of bypassing the verification of an update package before use.
network
low complexity
huawei CWE-345
7.5
7.5