Known Vulnerabilities
CVE-2020-36600
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2022-37004
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
CVE-2022-37002
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
CVE-2022-34739
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
CVE-2022-31756
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-31751
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
CVE-2021-46788
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
CVE-2022-22253
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
CVE-2022-22254
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-22256
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-22257
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-40047
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
CVE-2021-40048
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
CVE-2021-40054
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
CVE-2021-40055
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
CVE-2021-40064
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
CVE-2021-37103
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22430
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
CVE-2021-37027
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-22489
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.
CVE-2021-22448
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.
CVE-2021-40037
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
CVE-2021-40035
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
CVE-2021-40029
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
CVE-2021-40020
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39969
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39966
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39967
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37133
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37119
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
CVE-2021-37117
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
CVE-2021-37113
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37097
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.
CVE-2021-37092
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
CVE-2021-37053
There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
CVE-2021-37056
There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.
CVE-2021-37034
There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37032
There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work.
CVE-2021-37030
There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
CVE-2021-22473
There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22406
There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
CVE-2021-22404
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22403
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
CVE-2021-22447
There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22446
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22445
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22444
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection.
CVE-2021-22443
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access.
CVE-2021-22442
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22414
There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22413
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
CVE-2021-22392
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses.
CVE-2021-22391
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.