Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-38995

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-16 Sep, 2022 | 17:57
Updated At-03 Aug, 2024 | 11:10
Rejected At-
Credits

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:16 Sep, 2022 | 17:57
Updated At:03 Aug, 2024 | 11:10
Rejected At:
▼CVE Numbering Authority (CNA)

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
HarmonyOS
Versions
Affected
  • 2.0
  • 2.1
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
EMUI
Versions
Affected
  • 12.0.0
Problem Types
TypeCWE IDDescription
textN/AConfiguration defects
Type: text
CWE ID: N/A
Description: Configuration defects
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
x_refsource_MISC
https://consumer.huawei.com/en/support/bulletin/2022/9/
x_refsource_MISC
Hyperlink: https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
Resource:
x_refsource_MISC
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2022/9/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
x_refsource_MISC
x_transferred
https://consumer.huawei.com/en/support/bulletin/2022/9/
x_refsource_MISC
x_transferred
Hyperlink: https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2022/9/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:16 Sep, 2022 | 18:15
Updated At:17 Sep, 2022 | 03:12

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>emui>>12.0.0
cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>harmonyos>>2.0
cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>harmonyos>>2.1
cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://consumer.huawei.com/en/support/bulletin/2022/9/psirt@huawei.com
Vendor Advisory
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845psirt@huawei.com
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2022/9/
Source: psirt@huawei.com
Resource:
Vendor Advisory
Hyperlink: https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

348Records found
CVE-2020-1816
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.86% / 53.93%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 23:24
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600, USG9500
CVE-2020-1870
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.05%
||
7 Day CHG~0.00%
Published-29 May, 2020 | 19:13
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-cloudengine_6800_firmwarecloudengine_12800cloudengine_6800cloudengine_12800_firmwareNE40ECloudEngine 5800NE40E-MCloudEngine 7800NE40E-FCloudEngine 12800CloudEngine 6800
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2020-1815
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.72% / 49.31%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 23:18
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while parse certain message, the attacker sends the message continuously that could consume remaining memory. Successful exploit could cause memory exhaust.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600, USG9500
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-1858
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.77% / 50.83%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 19:30
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability. Attackers need to perform a series of operations in a special scenario to exploit this vulnerability. Successful exploit may cause the new connections can't be established, result in a denial of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600USG9500
CVE-2020-1829
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.05%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 20:16
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600USG9500
CWE ID-CWE-415
Double Free
CVE-2020-1881
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.78% / 51.08%
||
7 Day CHG~0.00%
Published-28 Feb, 2020 | 18:33
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-oceanstor_5310usg9500_firmwarenip6800_firmwarenip6800secospace_usg6600_firmwareoceanstor_5310_firmwareusg9500secospace_usg6600NIP6800;Secospace USG6600;USG9500
CVE-2020-1828
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.05%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 19:49
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600USG9500
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22332
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.68% / 47.56%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 12:10
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800
CWE ID-CWE-415
Double Free
CVE-2021-22368
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.64% / 46.07%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 17:20
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-54610
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.4||MEDIUM
EPSS-0.17% / 6.44%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 01:15
Updated-12 Aug, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-54107
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.1||HIGH
EPSS-0.22% / 12.98%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:01
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-54108
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 13.81%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:03
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-54635
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.14% / 3.40%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:30
Updated-11 Aug, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of returning released pointers in the distributed notification service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2020-9120
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.74% / 49.75%
||
7 Day CHG~0.00%
Published-24 Dec, 2020 | 15:51
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_1800vCloudEngine 1800V
CVE-2025-53183
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:29
Updated-09 Jul, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53179
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:16
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53180
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:20
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53181
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:22
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53184
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:35
Updated-09 Jul, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53182
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 7.17%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:24
Updated-09 Jul, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-47293
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.7||MEDIUM
EPSS-0.20% / 9.70%
||
7 Day CHG~0.00%
Published-27 Sep, 2024 | 10:21
Updated-01 Oct, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-7266
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.26% / 17.75%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 07:00
Updated-13 Jan, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ws7206-10ws7200-10tc7001-10tc7001-10_firmwarews7200-10_firmwarews7206-10_firmwareTC7001-10WS7206-10WS7200-10
CWE ID-CWE-420
Unprotected Alternate Channel
CVE-2019-19415
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.88% / 54.57%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:58
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200espace_u1930te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sespace_u1911ar120-ssoftco_firmwarear510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811dp300_firmwarear200-s_firmwareespace_u1910softcosvn5600ar160_firmwarevp9660_firmwareusg9520_firmwareespace_u1960netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300espace_u1980srg2300_firmwarete40srg3300_firmwareespace_u1910_firmwareespace_u1930_firmwaresmc2.0_firmwarear1200-s_firmwareusg9500te50espace_u1911_firmwarerse6500nip6600espace_u1981_firmwarenip6800_firmwareespace_u1981ar160espace_u1980_firmwarenip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150smc2.0ngfw_module_firmwarear1200_firmwarear200espace_u1960_firmwarear3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareSoftCoeSpace U1960NGFW ModuleSMC2.0TP3206USG9500ViewPoint 9030eSpace U1911TE50SRG1300TE40AR2200-SVP9660eSpace U1980SVN5800AR160NIP6300SVN5600NetEngine16EXAR1200AR150AR2200IPS ModuleViewPoint 8660AR150-SNIP6600TE30NIP6800Secospace USG6600USG9520RSE6500eSpace U1910DP300eSpace U1981USG9560TE60AR120-SAR510Secospace USG6300SRG2300SRG3300AR3200AR1200-SSVN5800-CSeMG9811AR3600eSpace U1930AR200Secospace USG6500AR200-S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2023-52537
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.36% / 27.73%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:40
Updated-13 Mar, 2025 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-280
Improper Handling of Insufficient Permissions or Privileges
CWE ID-CWE-284
Improper Access Control
CVE-2023-52366
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 03:27
Updated-13 Mar, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-52375
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.23% / 13.74%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 06:05
Updated-26 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the WindowManagerServices module.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-284
Improper Access Control
CVE-2023-52954
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.14% / 4.13%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 01:51
Updated-13 Jan, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-701
Not Available
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-52716
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.86%
||
7 Day CHG~0.00%
Published-07 Apr, 2024 | 09:01
Updated-13 Mar, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIemuiharmonyos
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-52715
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.87%
||
7 Day CHG~0.00%
Published-07 Apr, 2024 | 09:00
Updated-28 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SystemUI module has a vulnerability in permission management. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-52362
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 27.17%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 03:00
Updated-13 Mar, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-52955
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 12.65%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 02:00
Updated-13 Jan, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-264
Not Available
CWE ID-CWE-287
Improper Authentication
CVE-2023-52540
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.40% / 31.29%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:46
Updated-28 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of improper authentication in the Iaware module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-287
Improper Authentication
CVE-2023-52545
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.86%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:53
Updated-13 Mar, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-52552
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:58
Updated-13 Mar, 2025 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input verification vulnerability in the power module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-20
Improper Input Validation
CVE-2023-52386
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 09:19
Updated-27 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-52359
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.87%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:51
Updated-27 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-285
Improper Authorization
CVE-2023-52388
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.86%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 08:39
Updated-13 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIemuiharmonyos
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-52357
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.29% / 20.81%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 02:56
Updated-06 Dec, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-52372
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 03:51
Updated-13 Mar, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-20
Improper Input Validation
CVE-2023-52100
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.59%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 09:15
Updated-02 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CVE-2023-52098
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 09:08
Updated-11 Jun, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-52113
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 07:58
Updated-20 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-52116
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.86%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 08:24
Updated-02 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2023-52105
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.83%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 09:24
Updated-27 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOSharmonyos
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CVE-2023-52110
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.66%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 07:54
Updated-20 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-52115
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 08:22
Updated-13 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may affect the system functions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2023-52108
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.38% / 29.65%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 08:43
Updated-02 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CVE-2022-48498
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.66%
||
7 Day CHG+0.07%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-46768
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.51% / 39.80%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 02:51
Updated-04 Sep, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-416
Use After Free
CVE-2023-46772
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.51% / 39.80%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 09:06
Updated-04 Sep, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUIemui
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 6
  • 7
  • Next
Details not found