CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48292
https://notcve.org/view.php?id=CVE-2022-48292
09 Feb 2023 — The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48293
https://notcve.org/view.php?id=CVE-2022-48293
09 Feb 2023 — The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48294
https://notcve.org/view.php?id=CVE-2022-48294
09 Feb 2023 — The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48295
https://notcve.org/view.php?id=CVE-2022-48295
09 Feb 2023 — The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-281: Improper Preservation of Permissions •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48296
https://notcve.org/view.php?id=CVE-2022-48296
09 Feb 2023 — The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48300
https://notcve.org/view.php?id=CVE-2022-48300
09 Feb 2023 — The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48301
https://notcve.org/view.php?id=CVE-2022-48301
09 Feb 2023 — The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48302
https://notcve.org/view.php?id=CVE-2022-48302
09 Feb 2023 — The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46761
https://notcve.org/view.php?id=CVE-2022-46761
06 Jan 2023 — The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons. El sistema tiene una vulnerabilidad que puede provocar el ocultamiento y la restauración dinámica de los íconos de las aplicaciones. La explotación exitosa de esta vulnerabilidad puede causar el ocultamiento malicioso de los íconos de las aplicaciones. • https://consumer.huawei.com/en/support/bulletin/2023/1 • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-47974
https://notcve.org/view.php?id=CVE-2022-47974
06 Jan 2023 — The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart. El módulo Bluetooth AVRCP tiene una vulnerabilidad que puede provocar ataques DoS. La explotación exitosa de esta vulnerabilidad puede provocar que el proceso de Bluetooth se reinicie. • https://consumer.huawei.com/en/support/bulletin/2023/1 • CWE-287: Improper Authentication •