Lucene search
Huawei TechnologiesHUAWEI-SA-IAVIAHCW-21A3ACD8-ENHistoryNov 30, 2022 - 12:00 a.m.
Security Advisory - Improper Authorization Vulnerability in a Huawei Children's Watch
2022-11-3000:00:00
Huawei Technologies
www.huawei.com
22
security advisory
huawei
children's watch
improper authorization
vulnerability
exploit
access
file
cve-2022-45874
software
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
Huawei Aslan Children’s Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file. (Vulnerability ID:HWPSIRT-2022-62345)
This vulnerability has been assigned a (CVE) ID: CVE-2022-45874
Affected configurations
Node
huaweiaslan-al10Matchaslan-al10-ota
ORhuaweiaslan-al10Match11.1.0.118
ORhuaweiaslan-al10Matchaslan-al10
ORhuaweiaslan-al10Match11.1.0.118
| CPE | Name | Operator | Version |
|---|---|---|---|
| aslan-al10 | eq | Aslan-AL10-OTA | |
| aslan-al10 | eq | 11.1.0.118 | |
| aslan-al10 | eq | Aslan-AL10 | |
| aslan-al10 | eq | 11.1.0.118 |
Related
cve
cve
CVE-2022-45874
2022-12-28 18:15:09
prion
prion
Authorization
2022-12-28 18:15:00
cvelist
cvelist
CVE-2022-45874
2022-12-28 00:00:00
nvd
nvd
CVE-2022-45874
2022-12-28 18:15:09
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
Related for HUAWEI-SA-IAVIAHCW-21A3ACD8-EN