Huawei Emui vulnerabilities

CVE-2023-52537 [HIGH] CWE-280 CVE-2023-52537: Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful ex Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52545 [HIGH] CWE-276 CVE-2023-52545: Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52388 [HIGH] CWE-732 CVE-2023-52388: Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulner Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52359 [HIGH] CWE-285 CVE-2023-52359: Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impa Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-27896 [HIGH] CWE-20 CVE-2024-27896: Input verification vulnerability in the log module. Impact: Successful exploitation of this vulnerab Input verification vulnerability in the log module. Impact: Successful exploitation of this vulnerability can affect integrity.

CVE-2023-52550 [HIGH] CWE-120 CVE-2023-52550: Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52546 [HIGH] CWE-345 CVE-2023-52546: Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful ex Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52553 [HIGH] CWE-362 CVE-2023-52553: Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerabil Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52554 [MEDIUM] CWE-732 CVE-2023-52554: Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vu Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52551 [MEDIUM] CWE-120 CVE-2023-52551: Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52385 [MEDIUM] CWE-20 CVE-2023-52385: Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulner Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52364 [MEDIUM] CWE-120 CVE-2023-52364: Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

CVE-2023-52544 [MEDIUM] CWE-22 CVE-2023-52544: Vulnerability of file path verification being bypassed in the email module. Impact: Successful explo Vulnerability of file path verification being bypassed in the email module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52542 [MEDIUM] CWE-281 CVE-2023-52542: Permission verification vulnerability in the system module. Impact: Successful exploitation of this Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52543 [MEDIUM] CWE-269 CVE-2023-52543: Permission verification vulnerability in the system module. Impact: Successful exploitation of this Permission verification vulnerability in the system module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-30415 [CRITICAL] CWE-276 CVE-2024-30415: Vulnerability of improper permission control in the window management module. Impact: Successful exp Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-30414 [HIGH] CWE-78 CVE-2024-30414: Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of thi Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52713 [HIGH] CWE-862 CVE-2023-52713: Vulnerability of improper permission control in the window management module. Impact: Successful exp Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2023-52714 [HIGH] CWE-657 CVE-2023-52714: Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful ex Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-30413 [HIGH] CWE-732 CVE-2024-30413: Vulnerability of improper permission control in the window management module. Impact: Successful exp Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability.