The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
References
Link | Resource |
---|---|
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | Vendor Advisory |
https://consumer.huawei.com/en/support/bulletin/2022/8/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-08-10 13:16
Updated : 2022-08-15 10:58
NVD link : CVE-2022-37008
Mitre link : CVE-2022-37008
JSON object : View
CWE
CWE-345
Insufficient Verification of Data Authenticity
Products Affected
huawei
- emui
- harmonyos
- magic_ui