CVE-2023-46772

Published: Nov 8, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.

Affected (1)

Products: Huawei: Emui

Huawei

1 product

Emui

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Emui	Version 11.0.1

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://consumer.huawei.com/en/support/bulletin/2023/11/

Source: psirt@huawei.com

Vendor Advisory

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597

Source: psirt@huawei.com

Not Applicable

https://consumer.huawei.com/en/support/bulletin/2023/11/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202311-0000001729189597

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

Timeline

No history available yet.