CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0117
https://notcve.org/view.php?id=CVE-2023-0117
The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-31225
https://notcve.org/view.php?id=CVE-2023-31225
The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability. • https://consumer.huawei.com/en/support/bulletin/2023/5 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31226
https://notcve.org/view.php?id=CVE-2023-31226
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/5 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31227
https://notcve.org/view.php?id=CVE-2023-31227
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality. • https://consumer.huawei.com/en/support/bulletin/2023/5 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-1696
https://notcve.org/view.php?id=CVE-2023-1696
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability. • https://consumer.huawei.com/en/support/bulletin/2023/4 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202304-0000001506528486 •