Improper Input Validation in Huawei Aslan Children's Watch
CVE-2022-39012

7.5HIGH

Key Information:

Vendor: Huawei
Status: Aslan-al10
Vendor: CVE Published:; 28 December 2022

Summary

The Huawei Aslan Children's Watch has a vulnerability related to improper input validation, which can lead to abnormal behavior in the watch's application service. This flaw can allow attackers to exploit the system, potentially disrupting normal operations and privacy functions for users.

Affected Version(s)

Aslan-AL10 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

References

https://www.huawei.com/en/psirt/security-advisories/2022/...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 28, 2022
Vulnerability Reserved
Aug 29, 2022