Huawei Emui vulnerabilities

CVE-2022-46317 [HIGH] CWE-125 CVE-2022-46317: The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of thi The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.

CVE-2022-41596 [HIGH] CWE-502 CVE-2022-41596: The system tool has inconsistent serialization and deserialization. Successful exploitation of this The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.

CVE-2022-46312 [HIGH] CWE-285 CVE-2022-46312: The application management module has a vulnerability in permission verification. Successful exploit The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.

CVE-2022-41599 [HIGH] CVE-2022-41599: The system service has a vulnerability that causes incorrect return values. Successful exploitation The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2021-46856 [HIGH] CWE-22 CVE-2021-46856: The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-46321 [HIGH] CVE-2022-46321: The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vul The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-41591 [HIGH] CWE-22 CVE-2022-41591: The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.

CVE-2022-46322 [HIGH] CWE-787 CVE-2022-46322: Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-46328 [HIGH] CWE-20 CVE-2022-46328: Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerabil Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-46318 [MEDIUM] CVE-2022-46318: The HAware module has a function logic error. Successful exploitation of this vulnerability will aff The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.

CVE-2022-44559 [CRITICAL] CWE-502 CVE-2022-44559: The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitatio The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2022-44558 [CRITICAL] CWE-502 CVE-2022-44558: The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitatio The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2022-44551 [CRITICAL] CWE-362 CVE-2022-44551: The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerabil The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.

CVE-2021-46851 [CRITICAL] CWE-284 CVE-2021-46851: The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitatio The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.

CVE-2022-44562 [CRITICAL] CWE-502 CVE-2022-44562: The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2022-44554 [HIGH] CWE-276 CVE-2022-44554: The power module has a vulnerability in permission verification. Successful exploitation of this vul The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.

CVE-2022-44552 [HIGH] CWE-404 CVE-2022-44552: The lock screen module has defects introduced in the design process. Successful exploitation of this The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.

CVE-2022-44547 [HIGH] CWE-416 CVE-2022-44547: The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability ma The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.

CVE-2022-44546 [HIGH] CWE-459 CVE-2022-44546: The kernel module has the vulnerability that the mapping is not cleared after the memory is automati The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.

CVE-2022-44550 [HIGH] CWE-416 CVE-2022-44550: The graphics display module has a UAF vulnerability when traversing graphic layers. Successful explo The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.