Huawei Emui vulnerabilities

CVE-2023-52098 [HIGH] CWE-400 CVE-2023-52098: Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerabili Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52099 [HIGH] CWE-284 CVE-2023-52099: Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploi Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52109 [HIGH] CWE-345 CVE-2023-52109: Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitat Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-4566 [HIGH] CWE-290 CVE-2023-4566: Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitat Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52111 [HIGH] CWE-287 CVE-2023-52111: Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-52107 [HIGH] CWE-269 CVE-2023-52107: Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52116 [HIGH] CWE-269 CVE-2023-52116: Permission management vulnerability in the multi-screen interaction module. Successful exploitation Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2023-52112 [MEDIUM] CWE-552 CVE-2023-52112: Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of t Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-46773 [CRITICAL] CWE-276 CVE-2023-46773: Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2023-49240 [HIGH] CWE-601 CVE-2023-49240: Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerabil Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-44113 [HIGH] CWE-862 CVE-2023-44113: Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) modu Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49245 [HIGH] CVE-2023-49245: Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulner Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49247 [HIGH] CWE-295 CVE-2023-49247: Permission verification vulnerability in distributed scenarios. Successful exploitation of this vuln Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49239 [HIGH] CWE-863 CVE-2023-49239: Unauthorized access vulnerability in the card management module. Successful exploitation of this vul Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49241 [HIGH] CVE-2023-49241: API permission control vulnerability in the network management module. Successful exploitation of th API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49246 [HIGH] CWE-863 CVE-2023-49246: Unauthorized access vulnerability in the card management module. Successful exploitation of this vul Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49244 [HIGH] CVE-2023-49244: Permission management vulnerability in the multi-user module. Successful exploitation of this vulner Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49242 [HIGH] CVE-2023-49242: Free broadcast vulnerability in the running management module. Successful exploitation of this vulne Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49243 [HIGH] CVE-2023-49243: Vulnerability of unauthorized access to email attachments in the email module. Successful exploitati Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-44099 [HIGH] CWE-754 CVE-2023-44099: Vulnerability of data verification errors in the kernel module. Successful exploitation of this vuln Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption.