Huawei Harmonyos vulnerabilities

CVE-2024-47294 [HIGH] CWE-16 CVE-2024-47294: Access permission verification vulnerability in the input method framework module Impact: Successful Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47293 [HIGH] CWE-130 CVE-2024-47293: Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vul Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47292 [MEDIUM] CWE-22 CVE-2024-47292: Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnera Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-47291 [MEDIUM] CWE-16 CVE-2024-47291: Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47290 [MEDIUM] CWE-476 CVE-2024-47290: Input validation vulnerability in the USB service module Impact: Successful exploitation of this vul Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-45443 [CRITICAL] CWE-22 CVE-2024-45443: Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnera Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2024-45441 [HIGH] CWE-20 CVE-2024-45441: Input verification vulnerability in the system service module Impact: Successful exploitation of thi Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45442 [HIGH] CWE-264 CVE-2024-45442: Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Success Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45450 [HIGH] CWE-200 CVE-2024-45450: Permission control vulnerability in the software update module. Impact: Successful exploitation of t Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42039 [HIGH] CWE-285 CVE-2024-42039: Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerab Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45447 [MEDIUM] CWE-200 CVE-2024-45447: Access control vulnerability in the camera framework module Impact: Successful exploitation of this Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45449 [MEDIUM] CWE-264 CVE-2024-45449: Access permission verification vulnerability in the ringtone setting module Impact: Successful explo Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45444 [MEDIUM] CWE-20 CVE-2024-45444: Access permission verification vulnerability in the WMS module Impact: Successful exploitation of th Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45445 [MEDIUM] CWE-459 CVE-2024-45445: Vulnerability of resources not being closed or released in the keystore module Impact: Successful ex Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45448 [MEDIUM] CWE-1259 CVE-2024-45448: Page table protection configuration vulnerability in the trusted firmware module Impact: Successful Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45446 [MEDIUM] CWE-20 CVE-2024-45446: Access permission verification vulnerability in the camera driver module Impact: Successful exploita Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-8298 [MEDIUM] CWE-701 CVE-2024-8298: Memory request vulnerability in the memory management module Impact: Successful exploitation of this Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42035 [HIGH] CWE-862 CVE-2024-42035: Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.

CVE-2024-42036 [HIGH] CWE-285 CVE-2024-42036: Access permission verification vulnerability in the Notepad module Impact: Successful exploitation o Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42033 [HIGH] CWE-284 CVE-2024-42033: Access control vulnerability in the security verification module mpact: Successful exploitation of t Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.