First published: Tue Aug 09 2022(Updated: )
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Emui | =10.1.1 | |
Huawei Emui | =11.0.0 | |
Huawei Emui | =11.0.1 | |
Huawei Emui | =12.0.0 | |
Huawei Harmonyos | =2.0 | |
Huawei Magic Ui | =3.1.1 | |
Huawei Magic Ui | =4.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-37005 is an argument injection vulnerability in the Settings application of Huawei devices running Emui 10.1.1, 11.0.0, 11.0.1, 12.0.0, or HarmonyOS 2.0, as well as Magic Ui 3.1.1 and 4.0.0.
Successful exploitation of CVE-2022-37005 may negatively impact data confidentiality on affected Huawei devices.
CVE-2022-37005 has a severity value of 7.5, indicating a high severity.
To fix CVE-2022-37005, users should update their Huawei devices to the latest available software version provided by Huawei.
More information about CVE-2022-37005 can be found on Huawei's support bulletin and HarmonyOS website.