Emui Security Vulnerabilities

CVE-2023-37242

Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other...

CVE-2023-34164

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect...

CVE-2023-1691

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform...

CVE-2022-48513

Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2022-48509

Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit...

CVE-2022-48508

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service...

CVE-2022-48517

Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect...

CVE-2022-48512

Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform...

CVE-2022-48510

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized...

CVE-2022-48520

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect...

CVE-2022-48519

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect...

CVE-2023-37239

Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the...

CVE-2022-48511

Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform...

CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist,...

CVE-2023-37238

Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection...

CVE-2023-37241

Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to...

CVE-2023-37240

Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2023-1695

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform...

CVE-2022-48516

Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect...

CVE-2022-48515

Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service...

CVE-2022-48507

Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service...

CVE-2021-46894

Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege...

CVE-2021-46892

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service...

CVE-2021-46893

Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect...

CVE-2023-3455

Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and...

CVE-2021-46891

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and...

CVE-2021-46890

Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and...

CVE-2023-34158

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being...

CVE-2023-34156

Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be...

CVE-2023-34163

Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform...

CVE-2023-34167

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being...

CVE-2023-34159

Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to privilege escalation, which affects availability and...

CVE-2023-34166

Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to...

CVE-2023-34162

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to...

CVE-2023-34161

nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform...

CVE-2023-34160

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being...

CVE-2023-34155

Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect...

CVE-2022-48489

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48497

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48499

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48495

Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be...

CVE-2022-48490

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48487

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48498

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48494

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become...

CVE-2022-48492

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48488

Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the...

CVE-2022-48486

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48500

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect...

CVE-2022-48496

Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become...