CVE Vulnerabilities

CVE-2022-48518

Published: Jul 06, 2023 | Modified: Nov 21, 2024
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.

Affected Software

Name Vendor Start Version End Version
Emui Huawei 12.0.0 (including) 12.0.0 (including)
Emui Huawei 12.0.1 (including) 12.0.1 (including)
Harmonyos Huawei 2.0.0 (including) 2.0.0 (including)
Harmonyos Huawei 2.0.1 (including) 2.0.1 (including)

References