CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48302
https://notcve.org/view.php?id=CVE-2022-48302
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48300
https://notcve.org/view.php?id=CVE-2022-48300
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48289
https://notcve.org/view.php?id=CVE-2022-48289
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/2 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202302-0000001454769474 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46314
https://notcve.org/view.php?id=CVE-2022-46314
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. El módulo IPC tiene defectos introducidos en el proceso de diseño. La explotación exitosa de esta vulnerabilidad puede afectar la disponibilidad del sistema. • https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46313
https://notcve.org/view.php?id=CVE-2022-46313
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone. El módulo de privacidad del sensor tiene una vulnerabilidad de autenticación. La explotación exitosa de esta vulnerabilidad puede provocar que la cámara y el micrófono del teléfono inteligente no estén disponibles. • https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397 • CWE-287: Improper Authentication •