Lucene search
HistoryFeb 27, 2023 - 6:15 p.m.
CVE-2022-48305
huawei
children smart watch
simba-al00
identity authentication bypass
access control
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
13.3%
There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.
Affected configurations
Node
huaweisimba-al00_firmwareMatch1.1.1.274
huaweisimba-al00Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | simba-al00_firmware | 1.1.1.274 | cpe:2.3:o:huawei:simba-al00_firmware:1.1.1.274:*:*:*:*:*:*:* |
| huawei | simba-al00 | - | cpe:2.3:h:huawei:simba-al00:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-48305
2023-02-27 00:00:00
cve
cve
CVE-2022-48305
2023-02-27 18:15:20
prion
prion
Authentication flaw
2023-02-27 18:15:00
huawei
huawei
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
13.3%
Related for NVD:CVE-2022-48305