CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48291
https://notcve.org/view.php?id=CVE-2022-48291
27 Mar 2023 — The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48346
https://notcve.org/view.php?id=CVE-2022-48346
27 Mar 2023 — The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.4EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48349
https://notcve.org/view.php?id=CVE-2022-48349
27 Mar 2023 — The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-48357
https://notcve.org/view.php?id=CVE-2022-48357
27 Mar 2023 — Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48359
https://notcve.org/view.php?id=CVE-2022-48359
27 Mar 2023 — The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26547
https://notcve.org/view.php?id=CVE-2023-26547
27 Mar 2023 — The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26548
https://notcve.org/view.php?id=CVE-2023-26548
27 Mar 2023 — The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26549
https://notcve.org/view.php?id=CVE-2023-26549
27 Mar 2023 — The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-233: Improper Handling of Parameters •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48286
https://notcve.org/view.php?id=CVE-2022-48286
09 Feb 2023 — The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48287
https://notcve.org/view.php?id=CVE-2022-48287
09 Feb 2023 — The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-693: Protection Mechanism Failure •