CVE-2022-39012 — Improper Input Validation in Huawei Aslan-al10 Firmware

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 60.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Aslan-al10 Firmware Huawei Aslan-al10

Timeline

PublishedDec 28

Description

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/aslan-al10_firmware11.1.0.118\(c00m06\) — 11.1.0.10118\(c00m06\)

▶CVEListV5huawei/aslan-al1011.1.0.118(C00M06)-11.1.0.10118(C00M06)

🔴Vulnerability Details

CVEList

CVE-2022-39012: Huawei Aslan Children's Watch has an improper input validation vulnerability↗2022-12-28

▶

GHSA

GHSA-jvfp-qvc2-jcrv: Huawei Aslan Children's Watch has an improper input validation vulnerability↗2022-12-28

▶