CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1696
https://notcve.org/view.php?id=CVE-2023-1696
20 May 2023 — The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1692
https://notcve.org/view.php?id=CVE-2023-1692
20 May 2023 — The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48314
https://notcve.org/view.php?id=CVE-2022-48314
16 Apr 2023 — The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48313
https://notcve.org/view.php?id=CVE-2022-48313
16 Apr 2023 — The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48291
https://notcve.org/view.php?id=CVE-2022-48291
27 Mar 2023 — The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48346
https://notcve.org/view.php?id=CVE-2022-48346
27 Mar 2023 — The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48354
https://notcve.org/view.php?id=CVE-2022-48354
27 Mar 2023 — The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48355
https://notcve.org/view.php?id=CVE-2022-48355
27 Mar 2023 — The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-48359
https://notcve.org/view.php?id=CVE-2022-48359
27 Mar 2023 — The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26547
https://notcve.org/view.php?id=CVE-2023-26547
27 Mar 2023 — The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. • https://consumer.huawei.com/en/support/bulletin/2023/3 • CWE-502: Deserialization of Untrusted Data •