Vulnerability Database

299,643

Total vulnerabilities in the database

CVE-2022-48518

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.

  • Published: Jul 6, 2023
  • Updated: Jul 13, 2023
  • CVE: CVE-2022-48518
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
huawei / emui 12.0.0 12.0.0.x
huawei / emui 12.0.1 12.0.1.x
huawei / harmonyos 2.0.1 2.0.1.x
huawei / harmonyos 2.0.0 2.0.0.x