Details of VAR-202206-0936

ID

VAR-202206-0936

CVE

CVE-2022-31754

TITLE

Huawei of EMUI and Magic UI Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011282

DESCRIPTION

Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android. The following products and versions are affected: EMUI 12.0.0, EMUI 10.1.0, Magic UI 3.1.0

Trust: 1.8

sources: NVD: CVE-2022-31754 // JVNDB: JVNDB-2022-011282 // VULHUB: VHN-423587 // VULMON: CVE-2022-31754

AFFECTED PRODUCTS

vendor:	huawei	model:	emui	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	emui	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-011282 // NVD: CVE-2022-31754

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-31754
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-31754
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202206-1175
value:	HIGH
Trust: 0.6
VULHUB:	VHN-423587
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-31754
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-31754
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-423587
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-31754
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-31754
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-423587 // VULMON: CVE-2022-31754 // JVNDB: JVNDB-2022-011282 // CNNVD: CNNVD-202206-1175 // NVD: CVE-2022-31754

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-011282 // NVD: CVE-2022-31754

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202206-1175

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202206-1175

PATCH

title:

HUAWEI EMUI Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=196788

Trust: 0.6

sources: CNNVD: CNNVD-202206-1175

EXTERNAL IDS

db:	NVD	id:	CVE-2022-31754	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-011282	Trust: 0.8
db:	CNNVD	id:	CNNVD-202206-1175	Trust: 0.7
db:	CNVD	id:	CNVD-2022-51602	Trust: 0.1
db:	VULHUB	id:	VHN-423587	Trust: 0.1
db:	VULMON	id:	CVE-2022-31754	Trust: 0.1

sources: VULHUB: VHN-423587 // VULMON: CVE-2022-31754 // JVNDB: JVNDB-2022-011282 // CNNVD: CNNVD-202206-1175 // NVD: CVE-2022-31754

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2022/6/	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-31754	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-31754/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-423587 // VULMON: CVE-2022-31754 // JVNDB: JVNDB-2022-011282 // CNNVD: CNNVD-202206-1175 // NVD: CVE-2022-31754

SOURCES

db:	VULHUB	id:	VHN-423587
db:	VULMON	id:	CVE-2022-31754
db:	JVNDB	id:	JVNDB-2022-011282
db:	CNNVD	id:	CNNVD-202206-1175
db:	NVD	id:	CVE-2022-31754

LAST UPDATE DATE

2024-08-14T14:02:33.599000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-423587	date:	2022-06-18T00:00:00
db:	VULMON	id:	CVE-2022-31754	date:	2022-06-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-011282	date:	2023-08-21T08:18:00
db:	CNNVD	id:	CNNVD-202206-1175	date:	2022-06-20T00:00:00
db:	NVD	id:	CVE-2022-31754	date:	2022-06-18T03:13:51.353

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-423587	date:	2022-06-13T00:00:00
db:	VULMON	id:	CVE-2022-31754	date:	2022-06-13T00:00:00
db:	JVNDB	id:	JVNDB-2022-011282	date:	2023-08-21T00:00:00
db:	CNNVD	id:	CNNVD-202206-1175	date:	2022-06-13T00:00:00
db:	NVD	id:	CVE-2022-31754	date:	2022-06-13T16:15:08.670