Sign-up

ID

VAR-202301-0474


CVE

CVE-2022-46761


TITLE

EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-001770

DESCRIPTION

The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons. EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information may be tampered with

Trust: 1.8

sources: NVD: CVE-2022-46761 // JVNDB: JVNDB-2023-001770 // VULHUB: VHN-447441 // VULMON: CVE-2022-46761

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:12.0.1

Trust: 1.0

vendor:huaweimodel:harmonyosscope:ltversion:2.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:11.0.1

Trust: 1.0

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-001770 // NVD: CVE-2022-46761

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-46761
value: HIGH

Trust: 1.0

NVD: CVE-2022-46761
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202301-439
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-46761
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-46761
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-001770 // CNNVD: CNNVD-202301-439 // NVD: CVE-2022-46761

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-001770 // NVD: CVE-2022-46761

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202301-439

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202301-439

PATCH

title:security-bulletins-202301-0000001435541166 Huawei Support Bulletinurl:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202301-0000001435541166

Trust: 0.8

title:HUAWEI EMUI/Magic UI Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=221316

Trust: 0.6

sources: JVNDB: JVNDB-2023-001770 // CNNVD: CNNVD-202301-439

EXTERNAL IDS

db:NVDid:CVE-2022-46761

Trust: 3.4

db:JVNDBid:JVNDB-2023-001770

Trust: 0.8

db:CNNVDid:CNNVD-202301-439

Trust: 0.6

db:VULHUBid:VHN-447441

Trust: 0.1

db:VULMONid:CVE-2022-46761

Trust: 0.1

sources: VULHUB: VHN-447441 // VULMON: CVE-2022-46761 // JVNDB: JVNDB-2023-001770 // CNNVD: CNNVD-202301-439 // NVD: CVE-2022-46761

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2023/1/

Trust: 1.8

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202301-0000001435541166

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-46761

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-46761/

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202301-0000001435541166

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-447441 // VULMON: CVE-2022-46761 // JVNDB: JVNDB-2023-001770 // CNNVD: CNNVD-202301-439 // NVD: CVE-2022-46761

SOURCES

db:VULHUBid:VHN-447441
db:VULMONid:CVE-2022-46761
db:JVNDBid:JVNDB-2023-001770
db:CNNVDid:CNNVD-202301-439
db:NVDid:CVE-2022-46761

LAST UPDATE DATE

2024-08-14T15:26:55.321000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-447441date:2023-01-12T00:00:00
db:VULMONid:CVE-2022-46761date:2023-01-08T00:00:00
db:JVNDBid:JVNDB-2023-001770date:2023-05-09T01:55:00
db:CNNVDid:CNNVD-202301-439date:2023-01-13T00:00:00
db:NVDid:CVE-2022-46761date:2023-01-12T17:09:45.867

SOURCES RELEASE DATE

db:VULHUBid:VHN-447441date:2023-01-06T00:00:00
db:VULMONid:CVE-2022-46761date:2023-01-06T00:00:00
db:JVNDBid:JVNDB-2023-001770date:2023-05-09T00:00:00
db:CNNVDid:CNNVD-202301-439date:2023-01-05T00:00:00
db:NVDid:CVE-2022-46761date:2023-01-06T20:15:09.707