Huawei Emui vulnerabilities

CVE-2023-6273 [MEDIUM] CWE-276 CVE-2023-6273: Permission management vulnerability in the module for disabling Sound Booster. Successful exploitati Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-49248 [MEDIUM] CWE-20 CVE-2023-49248: Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulne Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.

CVE-2023-5801 [CRITICAL] CWE-290 CVE-2023-5801: Vulnerability of identity verification being bypassed in the face unlock module. Successful exploita Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2023-46759 [HIGH] CWE-284 CVE-2023-46759: Permission control vulnerability in the call module. Successful exploitation of this vulnerability m Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46771 [HIGH] CWE-269 CVE-2023-46771: Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46758 [HIGH] CWE-269 CVE-2023-46758: Permission management vulnerability in the multi-screen interaction module. Successful exploitation Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2023-46761 [HIGH] CWE-787 CVE-2023-46761: Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulne Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46760 [HIGH] CWE-787 CVE-2023-46760: Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulne Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46772 [HIGH] CWE-787 CVE-2023-46772: Vulnerability of parameters being out of the value range in the QMI service module. Successful explo Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.

CVE-2023-46767 [HIGH] CWE-125 CVE-2023-46767: Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulne Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-44115 [HIGH] CWE-200 CVE-2023-44115: Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46770 [HIGH] CWE-787 CVE-2023-46770: Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones.

CVE-2023-46765 [HIGH] CWE-754 CVE-2023-46765: Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerabilit Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

CVE-2023-46769 [HIGH] CWE-416 CVE-2023-46769: Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerabili Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-46762 [HIGH] CWE-125 CVE-2023-46762: Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulne Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-44098 [HIGH] CWE-200 CVE-2023-44098: Vulnerability of missing encryption in the card management module. Successful exploitation of this v Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46766 [HIGH] CWE-125 CVE-2023-46766: Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulne Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46768 [HIGH] CWE-416 CVE-2023-46768: Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may ca Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-46774 [HIGH] CVE-2023-46774: Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerabilit Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

CVE-2022-48613 [MEDIUM] CWE-362 CVE-2022-48613: Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.