Lucene search

HuaweiCVELIST:CVE-2024-42035

HistoryAug 08, 2024 - 9:26 a.m.

CVE-2024-42035

2024-08-0809:26:10

CWE-264

huawei

www.cve.org

vulnerability permission control functionality confidentiality app multiplier module successful exploitation

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.5%

JSON

Permission control vulnerability in the App Multiplier module
Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HarmonyOS",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "4.2.0"
      },
      {
        "status": "affected",
        "version": "4.0.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EMUI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "14.0.0"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2024/8/

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.5%

JSON

Related for CVELIST:CVE-2024-42035