Lucene search
HistorySep 16, 2022 - 6:15 p.m.
CVE-2022-39007
cve-2022-39007
location module
vulnerability
bypassing permission verification
privilege escalation
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.6%
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.
Affected configurations
Node
huaweiemuiMatch12.0.0
ORhuaweiharmonyosMatch2.0
ORhuaweiharmonyosMatch2.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:emui | huawei emui | eq | 12.0.0 |
| huawei:harmonyos | huawei harmonyos | eq | 2.0 |
| huawei:harmonyos | huawei harmonyos | eq | 2.1 |
CNA Affected
[
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
CVE-2022-39007
2022-09-16 17:57:45
nvd
nvd
CVE-2022-39007
2022-09-16 18:15:18
prion
prion
Privilege escalation
2022-09-16 18:15:00
cnvd
cnvd
Huawei HarmonyOS Elevation of Privilege Vulnerability (CNVD-2022-64985)
2022-09-07 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.6%
Related for CVE-2022-39007