Emui Security Vulnerabilities - 2023
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
7.5CVSS
7.4AI Score
0.001EPSS
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service exceptions.
7.4CVSS
7.4AI Score
0.001EPSS
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.6AI Score
0.002EPSS
The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources.
5.3CVSS
5.3AI Score
0.001EPSS
Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.6AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the desktop.
5.3CVSS
5.2AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time.
5.3CVSS
5.4AI Score
0.0005EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
7.5CVSS
7.4AI Score
0.001EPSS
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained.
5.3CVSS
5.1AI Score
0.001EPSS
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
7.5CVSS
7.4AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.4AI Score
0.001EPSS
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.5AI Score
0.001EPSS
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
5.9CVSS
5.6AI Score
0.001EPSS
Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.
9.8CVSS
9.2AI Score
0.003EPSS
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally.
9.8CVSS
9.3AI Score
0.003EPSS
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.
9.8CVSS
9.3AI Score
0.002EPSS
Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.2AI Score
0.002EPSS
Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which...
5.5CVSS
5.3AI Score
0.0005EPSS
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
9.8CVSS
9.3AI Score
0.001EPSS
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
5.9CVSS
5.5AI Score
0.001EPSS
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.7AI Score
0.001EPSS
The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime.
5.3CVSS
5.5AI Score
0.0005EPSS
Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.
7.5CVSS
7.4AI Score
0.001EPSS
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.8AI Score
0.002EPSS
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.8AI Score
0.002EPSS
Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.
7.5CVSS
7.4AI Score
0.001EPSS
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
7.8CVSS
7.6AI Score
0.0004EPSS
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability.
7.5CVSS
7.5AI Score
0.001EPSS
The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability.
3.3CVSS
4.3AI Score
0.0004EPSS