Emui
CVE-2024-58126
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
AnalysisAI
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-290. Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. Affected products include: Huawei Emui, Huawei Harmonyos.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerab
Permission control vulnerability in the Settings module. Rated high severity (CVSS 8.4), this vulnerability is no authen
Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerabi
Permission bypass in Huawei HarmonyOS and EMUI LBS (Location-Based Services) module enables highly-privileged local atta
Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect se
EXTRA_REFERRER resource read vulnerability in the Gallery module. Rated high severity (CVSS 7.3), this vulnerability is
Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability m
Same weakness CWE-290 – Authentication Bypass by Spoofing
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today