Harmonyos Security Vulnerabilities
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.3AI Score
0.002EPSS
Changlian Blocklist has a Business Logic Errors vulnerability .Successful exploitation of this vulnerability may expand the attack surface of the message class.
7.5CVSS
7.5AI Score
0.001EPSS
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
7.5CVSS
7.5AI Score
0.001EPSS
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
7.5CVSS
7.3AI Score
0.001EPSS
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.
7.5CVSS
7.9AI Score
0.001EPSS
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
9.8CVSS
9.6AI Score
0.002EPSS
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.
5.3CVSS
4.9AI Score
0.001EPSS
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
5.3CVSS
5.2AI Score
0.001EPSS
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
9.1CVSS
9.1AI Score
0.002EPSS
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.
7.5CVSS
7.5AI Score
0.001EPSS
The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
7.5CVSS
7.4AI Score
0.001EPSS
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
9.8CVSS
9.4AI Score
0.002EPSS
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
9.8CVSS
9.6AI Score
0.002EPSS
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
7.5CVSS
7.4AI Score
0.001EPSS
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
8.8CVSS
8.9AI Score
0.001EPSS
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
5.3CVSS
5.2AI Score
0.001EPSS
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
8.8CVSS
8.9AI Score
0.001EPSS
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
5.3CVSS
5.3AI Score
0.001EPSS
The cellular module has a vulnerability in permission management. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality.
4.6CVSS
4.7AI Score
0.001EPSS
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
5.3CVSS
5.3AI Score
0.001EPSS
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
9.8CVSS
9.7AI Score
0.004EPSS
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.
7.5CVSS
7.5AI Score
0.001EPSS
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
7.5CVSS
7.4AI Score
0.001EPSS
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.7AI Score
0.002EPSS
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
4.7CVSS
4.6AI Score
0.0004EPSS
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
9.8CVSS
9.4AI Score
0.002EPSS
The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
The weaver module has a vulnerability in parameter type verification,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.2AI Score
0.002EPSS
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.4AI Score
0.002EPSS
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.7AI Score
0.001EPSS
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.6AI Score
0.002EPSS
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data integrity.
7.5CVSS
7.5AI Score
0.001EPSS
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
7.5CVSS
7.6AI Score
0.001EPSS
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.5AI Score
0.002EPSS
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
7.5CVSS
7.5AI Score
0.001EPSS
The bone voice ID TA has a vulnerability in information management,Successful exploitation of this vulnerability may affect data confidentiality.
7.5CVSS
7.3AI Score
0.002EPSS