CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48312
https://notcve.org/view.php?id=CVE-2022-48312
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect confidentiality and integrity. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26547
https://notcve.org/view.php?id=CVE-2023-26547
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. • https://consumer.huawei.com/en/support/bulletin/2023/3 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26548
https://notcve.org/view.php?id=CVE-2023-26548
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/3 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-26549
https://notcve.org/view.php?id=CVE-2023-26549
The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48291
https://notcve.org/view.php?id=CVE-2022-48291
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/3 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505 • CWE-306: Missing Authentication for Critical Function •