Vulnerabilities > Huawei > Harmonyos > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-20 CVE-2022-46316 Improper Authentication vulnerability in Huawei Harmonyos 2.0/2.0.0/2.0.1
A thread security vulnerability exists in the authentication process.
network
low complexity
huawei CWE-287
critical
 9.8
9.8
2022-11-09 CVE-2022-44562 Unspecified vulnerability in Huawei Emui and Harmonyos
The system framework layer has a vulnerability of serialization/deserialization mismatch.
network
low complexity
huawei
critical
 9.8
9.8
2022-11-09 CVE-2022-44559 Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos
The AMS module has a vulnerability of serialization/deserialization mismatch.
network
low complexity
huawei CWE-502
critical
 9.8
9.8
2022-11-09 CVE-2022-44558 Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos
The AMS module has a vulnerability of serialization/deserialization mismatch.
network
low complexity
huawei CWE-502
critical
 9.8
9.8
2022-11-09 CVE-2022-44551 Unspecified vulnerability in Huawei Emui and Harmonyos
The iaware module has a vulnerability in thread security.
network
low complexity
huawei
critical
 9.8
9.8
2022-11-09 CVE-2021-46851 Unspecified vulnerability in Huawei Emui and Harmonyos
The DRM module has a vulnerability in verifying the secure memory attributes.
network
low complexity
huawei
critical
 9.8
9.8
2022-10-14 CVE-2022-41581 Unspecified vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei
critical
 9.1
9.1
2022-10-14 CVE-2022-41580 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei CWE-125
critical
 9.8
9.8
2022-10-14 CVE-2022-41578 Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2022-10-14 CVE-2022-38986 Unspecified vulnerability in Huawei Emui and Harmonyos
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.
network
low complexity
huawei
critical
 9.1
9.1