CVE-2024-54096

Published: Dec 12, 2024Modified: Jan 10, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

Affected (9)

Products: Huawei: Emui, Harmonyos

2 products

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Huawei Emui	Version 12.0.0
Huawei Emui	Version 13.0.0
Huawei Emui	Version 14.0.0
Huawei Harmonyos	Version 2.0.0
Huawei Harmonyos	Version 2.1.0
Huawei Harmonyos	Version 3.0.0
Huawei Harmonyos	Version 3.1.0
Huawei Harmonyos	Version 4.0.0
Huawei Harmonyos	Version 4.2.0

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

https://consumer.huawei.com/en/support/bulletin/2024/12/

Source: psirt@huawei.com

Vendor Advisory

Timeline

No history available yet.