CVE-2022-22253

The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.

CVE-2022-22256

The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2021-40047

There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.

CVE-2021-40055

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.

CVE-2021-37103

There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-40053

There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.

CVE-2021-40054

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.

CVE-2021-22448

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.

CVE-2022-22257

The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.

CVE-2021-22430

There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.

CVE-2021-22489

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37027

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

CVE-2021-40057

There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.

CVE-2021-40064

There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.

CVE-2021-40015

There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.

CVE-2021-40048

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.

CVE-2021-22335

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing.

CVE-2021-46788

Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.

CVE-2021-46789

Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.

CVE-2022-22252

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.

CVE-2021-22336

There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device.

CVE-2021-22333

There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.

CVE-2021-22337

There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data.

CVE-2021-46741

The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.

CVE-2022-22254

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-37002

The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.

CVE-2022-31751

The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.

CVE-2020-9149

An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages.

CVE-2021-22308

There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.

CVE-2021-40010

The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.

CVE-2020-9146

A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.

CVE-2020-9148

An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.

CVE-2021-40040

Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.

CVE-2021-22367

There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass.

CVE-2020-9142

There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.

CVE-2020-9147

A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read.

CVE-2021-37133

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37097

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

CVE-2021-37113

There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22446

There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

CVE-2022-37004

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.

CVE-2021-37043

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

CVE-2021-37119

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-39966

There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39969

There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39996

There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.

CVE-2021-40011

There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.

CVE-2022-34739

The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.

CVE-2020-9138

There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.