Vulnerabilities > Huawei > Harmonyos > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-41580 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei CWE-125
critical
9.8
2022-10-14 CVE-2022-41578 Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
network
low complexity
huawei CWE-787
critical
9.8
2022-10-14 CVE-2022-38986 Unspecified vulnerability in Huawei Emui and Harmonyos
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.
network
low complexity
huawei
critical
9.1
2022-10-14 CVE-2022-38983 Use After Free vulnerability in Huawei Emui and Harmonyos
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
network
low complexity
huawei CWE-416
critical
9.8
2022-10-14 CVE-2022-38982 Unspecified vulnerability in Huawei Harmonyos 2.0
The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.
network
low complexity
huawei
critical
9.8
2022-10-14 CVE-2022-38980 Out-of-bounds Write vulnerability in Huawei Harmonyos 2.0/2.1
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.
network
low complexity
huawei CWE-787
critical
9.8
2022-10-14 CVE-2021-46840 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei CWE-125
critical
9.1
2022-10-14 CVE-2021-46839 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei CWE-125
critical
9.1
2022-09-16 CVE-2022-39009 Improper Authentication vulnerability in Huawei Emui and Harmonyos
The WLAN module has a vulnerability in permission verification.
network
low complexity
huawei CWE-287
critical
9.8
2022-09-16 CVE-2022-39008 Deserialization of Untrusted Data vulnerability in Huawei Emui and Harmonyos
The NFC module has bundle serialization/deserialization vulnerabilities.
network
low complexity
huawei CWE-502
critical
9.1