CVE-2022-46313Improper Authentication in Huawei Harmonyos

CWE-287Improper Authentication2 documents2 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 66.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedDec 20

Description

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDhuawei/harmonyos< 3.0.0
CVEListV5huawei/harmonyos3.0.0

Patches

Patch: device.harmonyos.comPatch: device.harmonyos.com

🔴Vulnerability Details

1
GHSA
GHSA-mxmp-r5rw-rjgj: The sensor privacy module has an authentication vulnerability2022-12-20