Lucene search
Huawei TechnologiesHUAWEI-SA-IAVIAHCW-21A3ACD8-ENHistoryNov 30, 2022 - 12:00 a.m.
Security Advisory - Improper Authorization Vulnerability in a Huawei Children's Watch
2022-11-3000:00:00
Huawei Technologies
www.huawei.com
24
security advisory
huawei
children's watch
improper authorization
vulnerability
exploit
access
file
cve-2022-45874
software
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
13.0%
Huawei Aslan Children’s Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file. (Vulnerability ID:HWPSIRT-2022-62345)
This vulnerability has been assigned a (CVE) ID: CVE-2022-45874
Affected configurations
Node
huaweiaslan-al10_firmwareMatchaslan-al10-ota
ORhuaweiaslan-al10_firmwareMatch11.1.0.118
ORhuaweiaslan-al10_firmwareMatchaslan-al10
ORhuaweiaslan-al10_firmwareMatch11.1.0.118
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | aslan-al10_firmware | aslan-al10-ota | cpe:2.3:o:huawei:aslan-al10_firmware:aslan-al10-ota:*:*:*:*:*:*:* |
| huawei | aslan-al10_firmware | 11.1.0.118 | cpe:2.3:o:huawei:aslan-al10_firmware:11.1.0.118:*:*:*:*:*:*:* |
| huawei | aslan-al10_firmware | aslan-al10 | cpe:2.3:o:huawei:aslan-al10_firmware:aslan-al10:*:*:*:*:*:*:* |
Related
prion
prion
Authorization
2022-12-28 18:15:00
cvelist
cvelist
CVE-2022-45874
2022-12-28 00:00:00
nvd
nvd
CVE-2022-45874
2022-12-28 18:15:09
cve
cve
CVE-2022-45874
2022-12-28 18:15:09
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
13.0%
Related for HUAWEI-SA-IAVIAHCW-21A3ACD8-EN