Vulnerabilities > Huawei > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-14 CVE-2022-41578 Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2022-10-14 CVE-2022-41580 Out-of-bounds Read vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei CWE-125
critical
 9.8
9.8
2022-10-14 CVE-2022-41581 Unspecified vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
network
low complexity
huawei
critical
 9.1
9.1
2022-09-16 CVE-2021-40017 Improper Input Validation vulnerability in Huawei Emui and Harmonyos
The HW_KEYMASTER module lacks the validity check of the key format.
network
low complexity
huawei CWE-20
critical
 9.8
9.8
2022-09-16 CVE-2021-40019 Out-of-bounds Read vulnerability in Huawei Emui and Magic UI
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module.
network
low complexity
huawei CWE-125
critical
 9.1
9.1
2022-09-16 CVE-2022-38999 Unspecified vulnerability in Huawei Emui and Harmonyos
The AOD module has the improper update of reference count vulnerability.
network
low complexity
huawei
critical
 9.8
9.8
2022-09-16 CVE-2022-39000 Unspecified vulnerability in Huawei Emui, Harmonyos and Magic UI
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
network
low complexity
huawei
critical
 9.8
9.8
2022-09-16 CVE-2022-39002 Double Free vulnerability in Huawei Emui, Harmonyos and Magic UI
Double free vulnerability in the storage module.
network
low complexity
huawei CWE-415
critical
 9.8
9.8
2022-09-16 CVE-2022-39003 Classic Buffer Overflow vulnerability in Huawei Emui and Magic UI
Buffer overflow vulnerability in the video framework.
network
low complexity
huawei CWE-120
critical
 9.1
9.1
2022-09-16 CVE-2022-39007 Unspecified vulnerability in Huawei Emui and Harmonyos
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.
network
low complexity
huawei
critical
 9.8
9.8