CVE-2022-31753

Description

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.

Related CPE's

ohuaweimagic_ui3.1.1*******

ohuaweimagic_ui3.1.0*******

ohuaweiemui10.1.0*******

ohuaweiemui10.1.1*******

ohuaweimagic_ui4.0.0*******

ohuaweiemui11.0.0*******

ohuaweiharmonyos2.0*******

ohuaweiemui11.0.1*******

ohuaweiemui12.0.0*******

References

https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482

Vendor Advisory

https://consumer.huawei.com/en/support/bulletin/2022/6/

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

5

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io