CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48295
https://notcve.org/view.php?id=CVE-2022-48295
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48302
https://notcve.org/view.php?id=CVE-2022-48302
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48300
https://notcve.org/view.php?id=CVE-2022-48300
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46761
https://notcve.org/view.php?id=CVE-2022-46761
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons. El sistema tiene una vulnerabilidad que puede provocar el ocultamiento y la restauración dinámica de los íconos de las aplicaciones. La explotación exitosa de esta vulnerabilidad puede causar el ocultamiento malicioso de los íconos de las aplicaciones. • https://consumer.huawei.com/en/support/bulletin/2023/1 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202301-0000001435541166 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-47974
https://notcve.org/view.php?id=CVE-2022-47974
The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart. El módulo Bluetooth AVRCP tiene una vulnerabilidad que puede provocar ataques DoS. La explotación exitosa de esta vulnerabilidad puede provocar que el proceso de Bluetooth se reinicie. • https://consumer.huawei.com/en/support/bulletin/2023/1 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202301-0000001435541166 •