Sign-up

ID

VAR-202209-0172


CVE

CVE-2022-38994


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-016785

DESCRIPTION

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS, which is caused by a configuration flaw

Trust: 1.71

sources: NVD: CVE-2022-38994 // JVNDB: JVNDB-2022-016785 // VULHUB: VHN-428514

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.1

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-016785 // NVD: CVE-2022-38994

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-38994
value: HIGH

Trust: 1.0

NVD: CVE-2022-38994
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202209-178
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-38994
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-38994
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-016785 // CNNVD: CNNVD-202209-178 // NVD: CVE-2022-38994

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-016785 // NVD: CVE-2022-38994

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-178

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-178

PATCH

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=208083

Trust: 0.6

sources: CNNVD: CNNVD-202209-178

EXTERNAL IDS

db:NVDid:CVE-2022-38994

Trust: 3.3

db:JVNDBid:JVNDB-2022-016785

Trust: 0.8

db:CNNVDid:CNNVD-202209-178

Trust: 0.7

db:VULHUBid:VHN-428514

Trust: 0.1

sources: VULHUB: VHN-428514 // JVNDB: JVNDB-2022-016785 // CNNVD: CNNVD-202209-178 // NVD: CVE-2022-38994

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/9/

Trust: 2.5

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-38994

Trust: 0.8

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-38994/

Trust: 0.6

sources: VULHUB: VHN-428514 // JVNDB: JVNDB-2022-016785 // CNNVD: CNNVD-202209-178 // NVD: CVE-2022-38994

SOURCES

db:VULHUBid:VHN-428514
db:JVNDBid:JVNDB-2022-016785
db:CNNVDid:CNNVD-202209-178
db:NVDid:CVE-2022-38994

LAST UPDATE DATE

2024-08-14T14:17:43.684000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-428514date:2022-09-17T00:00:00
db:JVNDBid:JVNDB-2022-016785date:2023-10-06T08:09:00
db:CNNVDid:CNNVD-202209-178date:2022-09-19T00:00:00
db:NVDid:CVE-2022-38994date:2022-09-17T03:11:09.253

SOURCES RELEASE DATE

db:VULHUBid:VHN-428514date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2022-016785date:2023-10-06T00:00:00
db:CNNVDid:CNNVD-202209-178date:2022-09-05T00:00:00
db:NVDid:CVE-2022-38994date:2022-09-16T18:15:17.707