CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56449
https://notcve.org/view.php?id=CVE-2024-56449
08 Jan 2025 — Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-840: Business Logic Errors •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56448
https://notcve.org/view.php?id=CVE-2024-56448
08 Jan 2025 — Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56447
https://notcve.org/view.php?id=CVE-2024-56447
08 Jan 2025 — Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56442
https://notcve.org/view.php?id=CVE-2024-56442
08 Jan 2025 — Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-227: 7PK - API Abuse •
CVSS: 4.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56441
https://notcve.org/view.php?id=CVE-2024-56441
08 Jan 2025 — Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52955
https://notcve.org/view.php?id=CVE-2023-52955
08 Jan 2025 — Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52954
https://notcve.org/view.php?id=CVE-2023-52954
08 Jan 2025 — Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability. Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE CATEGORY •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52953
https://notcve.org/view.php?id=CVE-2023-52953
08 Jan 2025 — Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. • https://consumer.huawei.com/en/support/bulletin/2025/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 9EXPL: 0CVE-2024-54101
https://notcve.org/view.php?id=CVE-2024-54101
12 Dec 2024 — Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability. Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-20: Improper Input Validation •
CVSS: 6.2EPSS: 0%CPEs: 9EXPL: 0CVE-2024-54100
https://notcve.org/view.php?id=CVE-2024-54100
12 Dec 2024 — Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2024/12 • CWE-20: Improper Input Validation •