CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48514
https://notcve.org/view.php?id=CVE-2022-48514
The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. • https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48513
https://notcve.org/view.php?id=CVE-2022-48513
Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-46892
https://notcve.org/view.php?id=CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE CATEGORY •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48511
https://notcve.org/view.php?id=CVE-2022-48511
Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abnormally. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-416: Use After Free CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48510
https://notcve.org/view.php?id=CVE-2022-48510
Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •