Vulnerability Details CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 17.6%
CVSS Severity
CVSS v3 Score 7.5
References
- https://consumer.huawei.com/en/support/bulletin/2022/8/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177
- https://consumer.huawei.com/en/support/bulletin/2022/8/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177
Products affected by CVE-2022-37008
-
cpe:2.3:o:huawei:emui:11.0.0
-
cpe:2.3:o:huawei:emui:11.0.1
-
cpe:2.3:o:huawei:emui:12.0.0
-
cpe:2.3:o:huawei:harmonyos:2.0
-
cpe:2.3:o:huawei:magic_ui:4.0.0