Lucene search
HistoryDec 20, 2022 - 9:15 p.m.
CVE-2022-41596
cve-2022-41596
system tool
serialization
deserialization
vulnerability
unauthorized startup
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
34.7%
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
Affected configurations
Node
huaweiharmonyosRange<2.1
Node
huaweiemuiMatch11.0.1
ORhuaweiemuiMatch12.0.0
ORhuaweiemuiMatch12.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei:harmonyos | huawei harmonyos | lt | 2.1 |
CNA Affected
[
{
"vendor": "Huawei",
"product": "HarmonyOS",
"versions": [
{
"version": "2.0",
"status": "affected"
},
{
"version": "2.1",
"status": "affected"
},
{
"version": "3.0.0",
"status": "affected"
}
]
},
{
"vendor": "Huawei",
"product": "EMUI",
"versions": [
{
"version": "12.0.1",
"status": "affected"
},
{
"version": "12.0.0",
"status": "affected"
},
{
"version": "11.0.1",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2022-41596
2022-12-20 00:00:00
nvd
nvd
CVE-2022-41596
2022-12-20 21:15:10
prion
prion
Deserialization of untrusted data
2022-12-20 21:15:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
34.7%
Related for CVE-2022-41596