CVE-2022-37005Argument Injection in Huawei Emui

CWE-88Argument Injection3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 48.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Huawei EmuiHuawei HarmonyosHuawei Magic UI
Timeline
PublishedAug 10
Latest updateAug 11

Description

The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3
CVEListV5huawei/magic_ui3.1.1, 4.0.0+1
NVDhuawei/magic_ui3.1.1, 4.0.0+1
CVEListV5huawei/harmonyos2.0

🔴Vulnerability Details

2
GHSA
GHSA-x982-v3wr-wrfq: The Settings application has an argument injection vulnerability2022-08-11
CVEList
CVE-2022-37005: The Settings application has an argument injection vulnerability2022-08-09
CVE-2022-37005 — Argument Injection in Huawei Emui | cvebase