Lucene search

[email protected]NVD:CVE-2022-41576

HistoryOct 14, 2022 - 4:15 p.m.

CVE-2022-41576

2022-10-1416:15:20

[email protected]

web.nvd.nist.gov

rphone module

script modification

user devices

vulnerability

exploitation

irreversible programs

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices.

Affected configurations

NVD

Node

huaweiemuiMatch11.0.1

huaweiemuiMatch12.0.0

huaweiharmonyosMatch2.0

References

consumer.huawei.com/en/support/bulletin/2022/10/

device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2022-41576

cve1 prion1 cvelist1