CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.5%

CVSS Severity

CVSS v3 Score 5.5

References

https://consumer.huawei.com/en/support/bulletin/2023/7/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858
https://consumer.huawei.com/en/support/bulletin/2023/7/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858

Products affected by CVE-2022-48518

Huawei » Emui » Version: 12.0.0

cpe:2.3:o:huawei:emui:12.0.0
Huawei » Emui » Version: 12.0.1

cpe:2.3:o:huawei:emui:12.0.1
Huawei » Harmonyos » Version: 2.0.0

cpe:2.3:o:huawei:harmonyos:2.0.0
Huawei » Harmonyos » Version: 2.0.1

cpe:2.3:o:huawei:harmonyos:2.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-48518

Products

Pricing

Contact Us