CVE-2022-45874

CWE-285CWE-863Incorrect Authorization3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 93.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Aslan-al10 FirmwareHuawei Aslan-al10
Timeline
PublishedDec 28

Description

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/aslan-al10_firmware11.1.0.118\(c00m06\)11.1.0.10118\(c00m06\)
CVEListV5huawei/aslan-al1011.1.0.118(C00M06), 11.1.0.118(C00M06)-11.1.0.10118(C00M06)+1

🔴Vulnerability Details

2
CVEList
CVE-2022-45874: Huawei Aslan Children's Watch has an improper authorization vulnerability2022-12-28
GHSA
GHSA-9vpq-m98h-94f2: Huawei Aslan Children's Watch has an improper authorization vulnerability2022-12-28
CVE-2022-45874 (MEDIUM CVSS 5.5) | Huawei Aslan Children's Watch has a | cvebase.io