File Writing Vulnerability in Honor Products
CVE-2024-47151

7.8HIGH

Key Information:

Vendor: Honor
Status: Magic Os
Vendor: CVE Published:; 26 December 2024

What is CVE-2024-47151?

A file writing vulnerability has been identified in certain Honor products, which could potentially allow for unauthorized code execution. This vulnerability arises when improper validation of file paths is performed, enabling an attacker to manipulate files and execute harmful code on the device. Users of affected Honor devices should be aware of the risks associated with this vulnerability and are encouraged to apply necessary updates and patches as outlined in vendor communications to mitigate potential attacks.

Affected Version(s)

Magic OS 8.0.0.1 < 8.0.0.135

References

https://www.honor.com/global/security/cve-2024-47151/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2024
Vulnerability Reserved
Sep 19, 2024

Credit

wrlu