First published: Fri Sep 16 2022(Updated: )
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Emui | =10.1.0 | |
Huawei Emui | =10.1.1 | |
Huawei Emui | =12.0.0 | |
Huawei Harmonyos | =2.0 | |
Huawei Magic Ui | =3.1.0 | |
Huawei Magic Ui | =3.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-38988 is a vulnerability in the secure OS module that has configuration defects, which can lead to a compromise of data confidentiality.
CVE-2022-38988 has a severity value of 7.5, indicating a high severity.
CVE-2022-38988 affects Huawei Emui versions 10.1.0, 10.1.1, and 12.0.0, Huawei Harmonyos version 2.0, and Huawei Magic Ui versions 3.1.0 and 3.1.1.
Successful exploitation of CVE-2022-38988 can occur through the configuration defects in the secure OS module.
More information about CVE-2022-38988 can be found at the following references: [Huawei Support Bulletin](https://consumer.huawei.com/en/support/bulletin/2022/9/) and [HarmonyOS Security Bulletins](https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845).