Magic Ui Security Vulnerabilities
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
7.5CVSS
7.3AI Score
0.002EPSS
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
9.8CVSS
9.3AI Score
0.002EPSS
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
9.1CVSS
9.1AI Score
0.001EPSS
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
5.9CVSS
5.6AI Score
0.001EPSS
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
6.5CVSS
6.4AI Score
0.001EPSS
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.6AI Score
0.001EPSS
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
7.5CVSS
7.7AI Score
0.001EPSS
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
7.5CVSS
7.5AI Score
0.001EPSS
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
9.1CVSS
9AI Score
0.001EPSS
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
9.8CVSS
9.3AI Score
0.002EPSS
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
7.5CVSS
7.4AI Score
0.001EPSS
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
7.5CVSS
7.4AI Score
0.001EPSS
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
5.3CVSS
5.2AI Score
0.001EPSS
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
7.5CVSS
7.5AI Score
0.001EPSS
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
7.5CVSS
7.5AI Score
0.001EPSS
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.001EPSS
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
7.5CVSS
7.5AI Score
0.001EPSS
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
9.8CVSS
9.1AI Score
0.002EPSS
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
7.5CVSS
7.5AI Score
0.001EPSS
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.4AI Score
0.0004EPSS
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
7.5CVSS
7.5AI Score
0.001EPSS
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
7.5CVSS
7.5AI Score
0.001EPSS
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.5AI Score
0.0004EPSS
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
5.5CVSS
5.5AI Score
0.0004EPSS
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
4.7CVSS
4.7AI Score
0.0004EPSS
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
5.5CVSS
5.5AI Score
0.0004EPSS
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
9.1CVSS
9.1AI Score
0.002EPSS
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
7.8CVSS
7.6AI Score
0.0004EPSS
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
9.1CVSS
9.1AI Score
0.002EPSS
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
7.5CVSS
7.5AI Score
0.001EPSS
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
7.5CVSS
7.6AI Score
0.002EPSS
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
6.5CVSS
6.7AI Score
0.001EPSS