CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31225
https://notcve.org/view.php?id=CVE-2023-31225
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31226
https://notcve.org/view.php?id=CVE-2023-31226
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31227
https://notcve.org/view.php?id=CVE-2023-31227
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/5 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1696
https://notcve.org/view.php?id=CVE-2023-1696
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1694
https://notcve.org/view.php?id=CVE-2023-1694
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 • CWE-269: Improper Privilege Management •