CVE-2022-37008

Summary

The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.

Affected Software

VendorProductVersion RangeStatus
HuaweiHarmonyOS2.0affected
HuaweiEMUI12.0.0affected
HuaweiEMUI11.0.1affected
HuaweiEMUI11.0.0affected
HuaweiMagic UI4.0.0affected

Weaknesses

  • Verification bypass vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References