CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

Spoofing

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

CVE-2022-34738

The CVE-2022-34738 entry applies to Huawei/HarmonyOS: SystemUI module has a permission-control vulnerability that could allow a background service to run without user awareness. Public references across CVE/NVD/Red Hat entries corroborate SystemUI privilege-management issues contributing to hidde...

HUAWEI HarmonyOS SystemUI module privilege management vulnerability

HUAWEI HarmonyOS is an operating system from China's Huawei HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from improper privilege management in the SystemUI module, which could be exploited by an attacker to cause device services to run in the...

HUAWEI HarmonyOS 安全漏洞

HUAWEI HarmonyOS is an operating system from China's Huawei HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from improper privilege management in the SystemUI module, which could be exploited by an attacker to cause device services to run in the...

ASB-A-212467440

In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-28921)

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from an agent obfuscation in the SystemUI that could arbitrarily launch an Activity. An attacker could exploit this vulnerability to cause a...

CVE-2021-39787

In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934...

CVE-2021-39787

In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934...

Privilege escalation

In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934...

CVE-2021-39787

In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934...

CVE-2021-39787

CVE-2021-39787 affects Android 12L SystemUI. The issue enables an arbitrary Activity launch via a confused deputy, resulting in local elevation of privilege with no extra execution privileges required and a required user interaction for exploitation. Affected component: SystemUI on Android-12L; r...

Samsung SystemUI Denial of Service Vulnerability

Samsung SystemUI is a system application for Samsung Samsung mobile devices. A denial of service vulnerability exists in Samsung SystemUI that stems from an exception handling error in SystemUI for multisimbarhidebymeadiafull, which can be exploited by an attacker to cause a denial of service...

CVE-2021-25473

Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

CVE-2021-25474

Assuming a shell privilege is gained, an improper exception handling for multisimbarshowonqspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

Design/Logic Flaw

Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

Design/Logic Flaw

Assuming a shell privilege is gained, an improper exception handling for multisimbarshowonqspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

CVE-2021-25474

Summary (CVE-2021-25474): Samsung SystemUI prior to SMR Oct-2021 Release 1 contains an improper exception handling for the multi_sim_bar_show_on_qspanel value, enabling a user‑device denial of service once a shell privilege is gained. The issue is triggered in SystemUI and results in a permanent ...