CVE-2022-37002

Description

The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.

CVSS breakdown

Affected products

• Huawei / EMUI10.0.0 – 10.0.0
• Huawei / EMUI12.0.0 – 12.0.0
• Huawei / EMUI11.0.1 – 11.0.1
• Huawei / EMUI11.0.0 – 11.0.0
• Huawei / EMUI10.1.1 – 10.1.1
• Huawei / EMUI10.1.0 – 10.1.0
• Huawei / HarmonyOS2.0 – 2.0
• Huawei / Magic UI4.0.0 – 4.0.0
• Huawei / Magic UI3.1.1 – 3.1.1
• Huawei / Magic UI3.1.0 – 3.1.0
• Huawei / Magic UI3.0.0 – 3.0.0

References

• MISChttps://consumer.huawei.com/en/support/bulletin/2022/8/
• MISChttps://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177