ID
VAR-202209-0152
CVE
CVE-2022-39007
TITLE
Huawei of EMUI and HarmonyOS Vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-017587
DESCRIPTION
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.8
sources:
NVD: CVE-2022-39007 //
JVNDB: JVNDB-2022-017587 //
VULHUB: VHN-434775 //
VULMON: CVE-2022-39007
AFFECTED PRODUCTS
| vendor: | huawei | model: | emui | scope: | eq | version: | 12.0.0 | Trust: 1.0 |
| vendor: | huawei | model: | harmonyos | scope: | eq | version: | 2.0 | Trust: 1.0 |
| vendor: | huawei | model: | harmonyos | scope: | eq | version: | 2.1 | Trust: 1.0 |
| vendor: | huawei | model: | emui | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | harmonyos | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-017587 //
NVD: CVE-2022-39007
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-017587 //
CNNVD: CNNVD-202209-164 //
NVD: CVE-2022-39007
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | Lack of information (CWE-noinfo) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | CWE-287 | Trust: 0.1 |
sources:
VULHUB: VHN-434775 //
JVNDB: JVNDB-2022-017587 //
NVD: CVE-2022-39007
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202209-164
TYPE
authorization issue
Trust: 0.6
sources:
CNNVD: CNNVD-202209-164
PATCH
| title: | Huawei HarmonyOS Remediation measures for authorization problem vulnerabilities | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=208616 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202209-164
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-39007 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-017587 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202209-164 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-434775 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2022-39007 | Trust: 0.1 |
sources:
VULHUB: VHN-434775 //
VULMON: CVE-2022-39007 //
JVNDB: JVNDB-2022-017587 //
CNNVD: CNNVD-202209-164 //
NVD: CVE-2022-39007
REFERENCES
| url: | https://consumer.huawei.com/en/support/bulletin/2022/9/ | Trust: 2.6 |
| url: | https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-39007 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-39007/ | Trust: 0.6 |
| url: | https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921 | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-434775 //
VULMON: CVE-2022-39007 //
JVNDB: JVNDB-2022-017587 //
CNNVD: CNNVD-202209-164 //
NVD: CVE-2022-39007
SOURCES
| db: | VULHUB | id: | VHN-434775 |
| db: | VULMON | id: | CVE-2022-39007 |
| db: | JVNDB | id: | JVNDB-2022-017587 |
| db: | CNNVD | id: | CNNVD-202209-164 |
| db: | NVD | id: | CVE-2022-39007 |
LAST UPDATE DATE
2024-08-14T13:21:43.810000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-434775 | date: | 2022-09-21T00:00:00 |
| db: | VULMON | id: | CVE-2022-39007 | date: | 2022-09-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-017587 | date: | 2023-10-13T08:43:00 |
| db: | CNNVD | id: | CNNVD-202209-164 | date: | 2022-09-22T00:00:00 |
| db: | NVD | id: | CVE-2022-39007 | date: | 2023-08-08T14:22:24.967 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-434775 | date: | 2022-09-16T00:00:00 |
| db: | VULMON | id: | CVE-2022-39007 | date: | 2022-09-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-017587 | date: | 2023-10-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-202209-164 | date: | 2022-09-05T00:00:00 |
| db: | NVD | id: | CVE-2022-39007 | date: | 2022-09-16T18:15:18.170 |