Buffer Overflow in Video Framework Affects Huawei Products
CVE-2022-39003

9.1CRITICAL

Key Information:

Vendor: Huawei
Status: Emui; Magic Ui
Vendor: CVE Published:; 16 September 2022

What is CVE-2022-39003?

A buffer overflow vulnerability exists in the video framework used by Huawei products. This flaw allows for potential exploitation that could compromise the confidentiality and integrity of the affected systems. By manipulating buffers, an attacker could execute arbitrary code or cause unexpected behavior, leading to unauthorized access or system disruption. Users are advised to implement available patches and follow best security practices to mitigate risks associated with this vulnerability.

Affected Version(s)

EMUI 11.0.0

Magic UI 4.0.0

References

https://consumer.huawei.com/en/support/bulletin/2022/9/

x_refsource_MISC

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2022
Vulnerability Reserved
Aug 29, 2022