Lucene search

HuaweiCVELIST:CVE-2024-39672

HistoryJul 25, 2024 - 11:56 a.m.

CVE-2024-39672

2024-07-2511:56:34

CWE-416

huawei

www.cve.org

memory module

integrity

availability

exploitation

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Memory request logic vulnerability in the memory module.
Impact: Successful exploitation of this vulnerability will affect integrity and availability.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HarmonyOS",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "4.2.0"
      },
      {
        "status": "affected",
        "version": "4.0.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EMUI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "14.0.0"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2024/7/

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.4%

JSON

Related for CVELIST:CVE-2024-39672