CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-37239
https://notcve.org/view.php?id=CVE-2023-37239
Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-48508
https://notcve.org/view.php?id=CVE-2022-48508
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity. • https://consumer.huawei.com/en/support/bulletin/2023/7 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34165
https://notcve.org/view.php?id=CVE-2023-34165
Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions. • https://device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1696
https://notcve.org/view.php?id=CVE-2023-1696
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1694
https://notcve.org/view.php?id=CVE-2023-1694
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 • CWE-269: Improper Privilege Management •