TROYANOSYVIRUS
Volver a CVEs

CVE-2022-38980

CRITICAL
9.8

Descripcion

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.

Detalles CVE

Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado10/14/2022
Ultima modificacion5/15/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

huawei:harmonyos

Debilidades (CWE)

CWE-787CWE-787

Referencias

https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697(psirt@huawei.com)
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.