Harmonyos Security Vulnerabilities
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be...
5.3CVSS
6.4AI Score
0.0005EPSS
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become...
7.5CVSS
6.6AI Score
0.0005EPSS
Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the...
5.3CVSS
6.7AI Score
0.0005EPSS
Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any...
5.3CVSS
6.9AI Score
0.0005EPSS
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become...
7.5CVSS
6.6AI Score
0.0005EPSS
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system...
8.2CVSS
8.1AI Score
0.0005EPSS
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the...
6.5CVSS
6.4AI Score
0.0005EPSS
Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero...
5.3CVSS
5.2AI Score
0.0005EPSS
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device...
7.5CVSS
7.5AI Score
0.001EPSS
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product...
3.3CVSS
4.4AI Score
0.0004EPSS
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.7AI Score
0.0005EPSS
The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition...
9.8CVSS
9.2AI Score
0.001EPSS
The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition...
9.8CVSS
9.3AI Score
0.001EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as...
5.3CVSS
5.5AI Score
0.0005EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.0005EPSS
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect...
7.5CVSS
7.8AI Score
0.001EPSS
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect...
7.5CVSS
7.8AI Score
0.001EPSS
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect...
6.5CVSS
6.4AI Score
0.001EPSS
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect...
6.5CVSS
6.4AI Score
0.001EPSS
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect confidentiality and...
9.1CVSS
9.1AI Score
0.001EPSS
The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege...
7.8CVSS
7.6AI Score
0.0004EPSS
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme...
5.3CVSS
5.3AI Score
0.001EPSS
The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial...
7.5CVSS
7.5AI Score
0.001EPSS
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system...
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to...
6.5CVSS
6.3AI Score
0.001EPSS
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service...
9.8CVSS
9.2AI Score
0.002EPSS
The HUAWEI Messaging app has a vulnerability of unauthorized file access. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service...
7.4CVSS
7.4AI Score
0.001EPSS
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the...
7.5CVSS
7.4AI Score
0.001EPSS
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.6AI Score
0.001EPSS
The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to...
6.5CVSS
6.5AI Score
0.001EPSS
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and...
9.1CVSS
9AI Score
0.002EPSS
The MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and...
9.1CVSS
9AI Score
0.001EPSS
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect...
7.5CVSS
7.5AI Score
0.001EPSS
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect...
6.5CVSS
6.7AI Score
0.001EPSS
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.6AI Score
0.001EPSS
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data...
7.5CVSS
7.5AI Score
0.001EPSS