Last Modified: Jan. 13, 2022
The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality.
Tweets last week: 0
Remaining steady
Yahoo results: 0
Remaining steady
Current EPSS Score: 0.00136
Remaining steady
Reddit Posts: 1
Remaining steady
Github Repos: 0
Remaining steady
Found exploits:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Base Score: 7.5
Exploitability Score:
3.9
Impact Score: 3.6
CVSS V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
Base Score: 5.0
Exploitability Score: 10.0
Impact Score: 2.9
CVSS V2: AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-119
Condition | Configuration | |
---|---|---|
OR | ||
OR | ||
cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:* Part: o Vendor: huawei | Alle Schwachstellen für huawei |
Reference:
added:
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858
https://consumer.huawei.com/en/support/bulletin/2023/7/
<?xml version="1.0" ?> <set operator="and"> <set operator="or"> <prop key="operating_system" value="cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*"/> </set> <prop key="program_influence" value="input"/> <prop key="range" value="remote"/> </set>
<?xml version="1.0" ?> <set operator="and"> <set operator="or"> <prop key="operating_system" value="cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*"/> </set> <prop key="program_influence" value="input"/> <prop key="data" value="any"/> <prop key="data_influence" value="read"/> <prop key="range" value="remote"/> </set>