Huawei Harmonyos vulnerabilities

CVE-2022-47974 [MEDIUM] CWE-287 CVE-2022-47974: The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart.

CVE-2022-46320 [CRITICAL] CWE-125 CVE-2022-46320: The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerabi The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.

CVE-2022-46327 [CRITICAL] CWE-269 CVE-2022-46327: Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions.

CVE-2022-46326 [CRITICAL] CWE-787 CVE-2022-46326: Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-46325 [CRITICAL] CWE-787 CVE-2022-46325: Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerab Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-46323 [CRITICAL] CWE-787 CVE-2022-46323: Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerab Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-46324 [CRITICAL] CWE-787 CVE-2022-46324: Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-46316 [CRITICAL] CWE-287 CVE-2022-46316: A thread security vulnerability exists in the authentication process. Successful exploitation of thi A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.

CVE-2022-46319 [CRITICAL] CWE-787 CVE-2022-46319: Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.

CVE-2022-46317 [HIGH] CWE-125 CVE-2022-46317: The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of thi The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.

CVE-2022-46315 [HIGH] CWE-400 CVE-2022-46315: The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnera The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.

CVE-2022-46312 [HIGH] CWE-285 CVE-2022-46312: The application management module has a vulnerability in permission verification. Successful exploit The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.

CVE-2022-46311 [HIGH] CWE-416 CVE-2022-46311: The contacts component has a free (undefined) provider vulnerability. Successful exploitation of thi The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.

CVE-2022-46321 [HIGH] CVE-2022-46321: The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vul The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-41591 [HIGH] CWE-22 CVE-2022-41591: The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.

CVE-2021-46856 [HIGH] CWE-22 CVE-2021-46856: The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-46322 [HIGH] CWE-787 CVE-2022-46322: Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnera Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.

CVE-2022-41599 [HIGH] CVE-2022-41599: The system service has a vulnerability that causes incorrect return values. Successful exploitation The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-46328 [HIGH] CWE-20 CVE-2022-46328: Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerabil Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

CVE-2022-46310 [HIGH] CWE-200 CVE-2022-46310: The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.