CVE-2022-41595

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.4 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
huaweiCNA
---
---
CVEADP
---
---
CISA-ADPADP
3.4 LOW
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
huaweiemui
11.0.1
huaweiemui
12.0.0
huaweiharmonyos
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://consumer.huawei.com/en/support/bulletin/2022/10/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
https://consumer.huawei.com/en/support/bulletin/2022/10/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697