Huawei Harmonyos vulnerabilities

CVE-2024-32991 [CRITICAL] CWE-16 CVE-2024-32991: Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation o Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32990 [HIGH] CWE-20 CVE-2024-32990: Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploit Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32992 [HIGH] CWE-20 CVE-2024-32992: Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of th Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32989 [HIGH] CWE-20 CVE-2024-32989: Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful explo Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32998 [MEDIUM] CWE-824 CVE-2024-32998: NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulner NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32996 [MEDIUM] CWE-264 CVE-2024-32996: Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vul Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32999 [MEDIUM] CWE-840 CVE-2024-32999: Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerabili Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52721 [MEDIUM] CWE-264 CVE-2023-52721: The WindowManager module has a vulnerability in permission control. Impact: Successful exploitation The WindowManager module has a vulnerability in permission control. Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2024-32997 [MEDIUM] CWE-362 CVE-2024-32997: Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vul Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52720 [MEDIUM] CWE-362 CVE-2023-52720: Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vuln Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52383 [MEDIUM] CWE-415 CVE-2023-52383: Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability w Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52384 [MEDIUM] CWE-415 CVE-2023-52384: Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability w Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52719 [MEDIUM] CWE-16 CVE-2023-52719: Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnera Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-32993 [MEDIUM] CWE-362 CVE-2024-32993: Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vuln Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-32995 [MEDIUM] CWE-248 CVE-2024-32995: Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vuln Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-4046 [MEDIUM] CWE-840 CVE-2024-4046: Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerabili Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52538 [CRITICAL] CWE-347 CVE-2023-52538: Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful ex Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52386 [HIGH] CWE-787 CVE-2023-52386: Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulner Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2023-52541 [HIGH] CWE-862 CVE-2023-52541: Authentication vulnerability in the API for app pre-loading. Impact: Successful exploitation of this Authentication vulnerability in the API for app pre-loading. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52539 [HIGH] CWE-285 CVE-2023-52539: Permission verification vulnerability in the Settings module. Impact: Successful exploitation of thi Permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.