Vulnerabilities > Huawei > Harmonyos > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-39007 Unspecified vulnerability in Huawei Emui and Harmonyos
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.
network
low complexity
huawei
critical
9.8
2022-09-16 CVE-2022-39002 Double Free vulnerability in Huawei Emui, Harmonyos and Magic UI
Double free vulnerability in the storage module.
network
low complexity
huawei CWE-415
critical
9.8
2022-09-16 CVE-2022-39000 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
network
low complexity
huawei
critical
9.8
2022-09-16 CVE-2022-38999 Unspecified vulnerability in Huawei Emui and Harmonyos
The AOD module has the improper update of reference count vulnerability.
network
low complexity
huawei
critical
9.8
2022-09-16 CVE-2021-40017 Improper Input Validation vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module lacks the validity check of the key format.
network
low complexity
huawei CWE-20
critical
9.8
2022-08-10 CVE-2022-37003 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
The AOD module has a vulnerability in permission assignment.
network
low complexity
huawei CWE-276
critical
9.8
2022-08-10 CVE-2022-37002 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The SystemUI module has a privilege escalation vulnerability.
network
low complexity
huawei
critical
9.8
2022-07-12 CVE-2022-34737 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
The application security module has a vulnerability in permission assignment.
network
low complexity
huawei CWE-276
critical
9.1
2022-06-13 CVE-2021-40036 Out-of-bounds Write vulnerability in Huawei Harmonyos
The bone voice ID TA has a memory overwrite vulnerability.
network
low complexity
huawei CWE-787
critical
9.8
2022-06-13 CVE-2022-31760 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services.
network
low complexity
huawei
critical
9.1