CVE-2024-47293

Published: Sep 27, 2024Modified: Oct 1, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Affected (5)

Products: Huawei: Emui, Harmonyos

2 products

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Huawei Emui	Version 13.0.0
Huawei Emui	Version 14.0.0
Huawei Harmonyos	Version 3.0.0
Huawei Harmonyos	Version 4.0.0
Huawei Harmonyos	Version 4.2.0

Related CWEs

Improper Handling of Length Parameter Inconsistency

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://consumer.huawei.com/en/support/bulletin/2024/10/

Source: psirt@huawei.com

Vendor Advisory

Timeline

No history available yet.