Emui Security Vulnerabilities

CVE-2023-46771

Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46772

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.

CVE-2023-46773

Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2023-46774

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

CVE-2023-49239

Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49240

Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49241

API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49242

Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49243

Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49244

Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49245

Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49246

Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49247

Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49248

Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.

CVE-2023-52097

Vulnerability of foreground service restrictions being bypassed in the NMS module.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52098

Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52099

Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52101

Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity.

CVE-2023-52102

Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52103

Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2023-52104

Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52106

Vulnerability of permission verification for APIs in the DownloadProviderMain module.Impact: Successful exploitation of this vulnerability will affect integrity and availability.

CVE-2023-52107

Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52108

Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52109

Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52111

Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-52112

Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52113

launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52114

Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-52116

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2023-52357

Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52358

Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52359

Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module.Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52360

Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-52362

Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52363

Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by mistake.

CVE-2023-52364

Vulnerability of input parameters being not strictly verified in the RSMC module.Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

CVE-2023-52365

Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52366

Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52367

Vulnerability of improper access control in the media library module.Successful exploitation of this vulnerability may affect service availability and integrity.

CVE-2023-52368

Input verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52369

Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may affect service availability and integrity.

CVE-2023-52370

Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access.

CVE-2023-52371

Vulnerability of null references in the motor module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52372

Vulnerability of input parameter verification in the motor module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52373

Vulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthorized file sharing.

CVE-2023-52374

Permission control vulnerability in the package management module.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52375

Permission control vulnerability in the WindowManagerServices module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52376

Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52377

Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access.