Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.
References
Link | Resource |
---|---|
https://consumer.huawei.com/en/support/bulletin/2023/7/ | Vendor Advisory |
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2023, 22:36
Type | Values Removed | Values Added |
---|---|---|
First Time |
Huawei harmonyos
Huawei emui Huawei |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-665 | |
References | (MISC) https://consumer.huawei.com/en/support/bulletin/2023/7/ - Vendor Advisory | |
References | (MISC) https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 - Vendor Advisory | |
CPE | cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:* cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:* cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:* cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:* |
06 Jul 2023, 14:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-06 13:15
Updated : 2023-12-10 15:01
NVD link : CVE-2022-48518
Mitre link : CVE-2022-48518
CVE.ORG link : CVE-2022-48518
JSON object : View
Products Affected
huawei
- emui
- harmonyos