Harmonyos Security Vulnerabilities
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources.
3.3CVSS
4.3AI Score
0.0004EPSS
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.
5.5CVSS
5.3AI Score
0.0004EPSS
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
7.5CVSS
7.5AI Score
0.001EPSS
A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability.
7.1CVSS
6.8AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions.
8.4CVSS
8.2AI Score
0.001EPSS
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
9.1CVSS
9.3AI Score
0.002EPSS
There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.6AI Score
0.001EPSS
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow.
7.8CVSS
7.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.
7.8CVSS
7.4AI Score
0.0004EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
9.8CVSS
9.6AI Score
0.001EPSS
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.3AI Score
0.002EPSS
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
3.3CVSS
4.1AI Score
0.0004EPSS
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write.
3.3CVSS
4.1AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code execution.
7.8CVSS
7.8AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure.
5.5CVSS
5.4AI Score
0.0004EPSS
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart.
3.3CVSS
4.2AI Score
0.0004EPSS
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
5.5CVSS
5.5AI Score
0.0004EPSS
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
5.5CVSS
5.3AI Score
0.0004EPSS
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage.
3.3CVSS
4AI Score
0.0004EPSS
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause kernel out-of-bounds read.
7.1CVSS
6.6AI Score
0.0004EPSS
A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the Recording Trusted Domain.
7.8CVSS
7.5AI Score
0.0004EPSS
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
5.5CVSS
5.4AI Score
0.0004EPSS
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.
5.5CVSS
5.3AI Score
0.0004EPSS