CVE-2022-41596

The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
huaweiharmonyos
𝑥
< 2.1
huaweiemui
11.0.1
huaweiemui
12.0.0
huaweiemui
12.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://consumer.huawei.com/en/support/bulletin/2022/12/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397
https://consumer.huawei.com/en/support/bulletin/2022/12/
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397