CVE-2022-48491 — Missing Authorization in Huawei Emui

CWE-862 — Missing Authorization3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.1%

top 74.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui Huawei Harmonyos

Timeline

PublishedJun 19

Description

Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5huawei/emui4 versions+3

▶NVDhuawei/emui4 versions+3

▶CVEListV5huawei/harmonyos4 versions+3

🔴Vulnerability Details

CVEList

CVE-2022-48491: Vulnerability of missing authentication on certain HUAWEI phones↗2023-06-19

▶

GHSA

GHSA-9c73-w93q-jq2f: Vulnerability of missing authentication on certain HUAWEI phones↗2023-06-19

▶