Vulnerability Database

300,214

Total vulnerabilities in the database

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.

Published: Dec 8, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-45118
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-276

Affected Software
References

Software	From	Fixed in
openharmony / openharmony	3.1	3.1.4.x

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo