Search

Find a vulnerability

Search criteria

    40 vulnerabilities found for magicos by honor

    CVE-2025-57839 (GCVE-0-2025-57839)

    Vulnerability from nvd – Published: 2025-10-20 08:04 – Updated: 2025-10-20 13:19
    VLAI
    Summary
    Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: Magic OS , < 9.0.0.100 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-57839",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-20T13:13:15.933581Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-20T13:19:06.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "9.0.0.100",
                  "status": "affected",
                  "version": "Magic OS",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePhoto module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
                }
              ],
              "value": "Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-20T08:04:00.881Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2025-57839/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2025-57839",
        "datePublished": "2025-10-20T08:04:00.881Z",
        "dateReserved": "2025-08-21T03:17:26.138Z",
        "dateUpdated": "2025-10-20T13:19:06.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-57838 (GCVE-0-2025-57838)

    Vulnerability from nvd – Published: 2025-10-20 07:58 – Updated: 2025-10-20 13:32
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: MagicOS , < 9.0.0.100 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-57838",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-20T13:32:05.519104Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-20T13:32:29.053Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "9.0.0.100",
                  "status": "affected",
                  "version": "MagicOS",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-20T07:58:07.686Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2025-57838/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2025-57838",
        "datePublished": "2025-10-20T07:58:07.686Z",
        "dateReserved": "2025-08-21T03:17:26.138Z",
        "dateUpdated": "2025-10-20T13:32:29.053Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47150 (GCVE-0-2024-47150)

    Vulnerability from nvd – Published: 2024-12-26 12:16 – Updated: 2024-12-26 16:13
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47150",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:13:28.101955Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:13:32.897Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:16:26.133Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47150/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47150",
        "datePublished": "2024-12-26T12:16:26.133Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:13:32.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47149 (GCVE-0-2024-47149)

    Vulnerability from nvd – Published: 2024-12-26 12:07 – Updated: 2024-12-26 16:16
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.64 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47149",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:16:30.637863Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:16:35.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.64",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:07:12.425Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47149/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47149",
        "datePublished": "2024-12-26T12:07:12.425Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:16:35.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8994 (GCVE-0-2024-8994)

    Vulnerability from nvd – Published: 2024-12-26 11:13 – Updated: 2024-12-26 16:39
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8994",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:39:28.528587Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:39:32.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:13:17.488Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8994/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8994",
        "datePublished": "2024-12-26T11:13:17.488Z",
        "dateReserved": "2024-09-19T03:18:29.011Z",
        "dateUpdated": "2024-12-26T16:39:32.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8993 (GCVE-0-2024-8993)

    Vulnerability from nvd – Published: 2024-12-26 11:18 – Updated: 2024-12-26 16:38
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8993",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:38:31.748256Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:38:58.332Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:18:11.112Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8993/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8993",
        "datePublished": "2024-12-26T11:18:11.112Z",
        "dateReserved": "2024-09-19T03:18:26.237Z",
        "dateUpdated": "2024-12-26T16:38:58.332Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8992 (GCVE-0-2024-8992)

    Vulnerability from nvd – Published: 2024-12-26 11:28 – Updated: 2024-12-26 16:38
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8992",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:38:02.266886Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:38:20.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:28:54.956Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8992/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8992",
        "datePublished": "2024-12-26T11:28:54.956Z",
        "dateReserved": "2024-09-19T03:18:23.451Z",
        "dateUpdated": "2024-12-26T16:38:20.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47157 (GCVE-0-2024-47157)

    Vulnerability from nvd – Published: 2024-12-26 11:52 – Updated: 2024-12-27 14:34
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.157 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47157",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:24:35.567339Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:34:59.128Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.157",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 2.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:52:40.429Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47157/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47157",
        "datePublished": "2024-12-26T11:52:40.429Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:34:59.128Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47155 (GCVE-0-2024-47155)

    Vulnerability from nvd – Published: 2024-12-26 11:47 – Updated: 2024-12-27 14:31
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47155",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:31:00.583875Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:31:59.681Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:47:45.436Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47155/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47155",
        "datePublished": "2024-12-26T11:47:45.436Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:31:59.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47154 (GCVE-0-2024-47154)

    Vulnerability from nvd – Published: 2024-12-26 11:39 – Updated: 2024-12-27 14:35
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.173 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47154",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:35:50.268457Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:35:54.631Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.173",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:39:52.536Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47154/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47154",
        "datePublished": "2024-12-26T11:39:52.536Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:35:54.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47153 (GCVE-0-2024-47153)

    Vulnerability from nvd – Published: 2024-12-26 11:31 – Updated: 2024-12-27 14:36
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:36:44.239320Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:36:48.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:31:46.763Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47153/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47153",
        "datePublished": "2024-12-26T11:31:46.763Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:36:48.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47148 (GCVE-0-2024-47148)

    Vulnerability from nvd – Published: 2024-12-26 12:01 – Updated: 2024-12-26 16:25
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.1.112 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:22:05.320017Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:25:15.454Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.1.112",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:01:43.893Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47148/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47148",
        "datePublished": "2024-12-26T12:01:43.893Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:25:15.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47156 (GCVE-0-2024-47156)

    Vulnerability from nvd – Published: 2024-12-26 11:02 – Updated: 2024-12-26 16:41
    VLAI
    Title
    Information Leak Vulnerability in Honor Product
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: 8.0.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:40:56.024878Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:41:09.886Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:09:51.840Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47156/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Information Leak Vulnerability in Honor Product",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47156",
        "datePublished": "2024-12-26T11:02:40.837Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-26T16:41:09.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47151 (GCVE-0-2024-47151)

    Vulnerability from nvd – Published: 2024-12-26 11:09 – Updated: 2024-12-26 16:40
    VLAI
    Summary
    Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0.0.1 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    wrlu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:40:05.788797Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:40:23.453Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "wrlu"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by file writing vulnerability, successful exploitation could cause code execution\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:09:01.825Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47151/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47151",
        "datePublished": "2024-12-26T11:09:01.825Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:40:23.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-23442 (GCVE-0-2023-23442)

    Vulnerability from nvd – Published: 2023-12-29 03:15 – Updated: 2024-08-02 10:28
    VLAI
    Summary
    Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 7.0.0.106 , < 7.0.0.158 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:28:40.947Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hihonor.com/global/security/cve-2023-23442/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "7.0.0.158",
                  "status": "affected",
                  "version": "7.0.0.106",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-29T03:15:52.271Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.hihonor.com/global/security/cve-2023-23442/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2023-23442",
        "datePublished": "2023-12-29T03:15:52.271Z",
        "dateReserved": "2023-01-12T04:00:30.136Z",
        "dateUpdated": "2024-08-02T10:28:40.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-57839 (GCVE-0-2025-57839)

    Vulnerability from cvelistv5 – Published: 2025-10-20 08:04 – Updated: 2025-10-20 13:19
    VLAI
    Summary
    Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: Magic OS , < 9.0.0.100 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-57839",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-20T13:13:15.933581Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-20T13:19:06.045Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "9.0.0.100",
                  "status": "affected",
                  "version": "Magic OS",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePhoto module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
                }
              ],
              "value": "Photo module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-20T08:04:00.881Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2025-57839/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2025-57839",
        "datePublished": "2025-10-20T08:04:00.881Z",
        "dateReserved": "2025-08-21T03:17:26.138Z",
        "dateUpdated": "2025-10-20T13:19:06.045Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-57838 (GCVE-0-2025-57838)

    Vulnerability from cvelistv5 – Published: 2025-10-20 07:58 – Updated: 2025-10-20 13:32
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: MagicOS , < 9.0.0.100 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-57838",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-20T13:32:05.519104Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-20T13:32:29.053Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "9.0.0.100",
                  "status": "affected",
                  "version": "MagicOS",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-20T07:58:07.686Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2025-57838/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2025-57838",
        "datePublished": "2025-10-20T07:58:07.686Z",
        "dateReserved": "2025-08-21T03:17:26.138Z",
        "dateUpdated": "2025-10-20T13:32:29.053Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47150 (GCVE-0-2024-47150)

    Vulnerability from cvelistv5 – Published: 2024-12-26 12:16 – Updated: 2024-12-26 16:13
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47150",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:13:28.101955Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:13:32.897Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:16:26.133Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47150/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47150",
        "datePublished": "2024-12-26T12:16:26.133Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:13:32.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47149 (GCVE-0-2024-47149)

    Vulnerability from cvelistv5 – Published: 2024-12-26 12:07 – Updated: 2024-12-26 16:16
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.64 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47149",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:16:30.637863Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:16:35.282Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.64",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:07:12.425Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47149/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47149",
        "datePublished": "2024-12-26T12:07:12.425Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:16:35.282Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47148 (GCVE-0-2024-47148)

    Vulnerability from cvelistv5 – Published: 2024-12-26 12:01 – Updated: 2024-12-26 16:25
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.1.112 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47148",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:22:05.320017Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:25:15.454Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.1.112",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T12:01:43.893Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47148/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47148",
        "datePublished": "2024-12-26T12:01:43.893Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:25:15.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47157 (GCVE-0-2024-47157)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:52 – Updated: 2024-12-27 14:34
    VLAI
    Summary
    Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.157 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47157",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:24:35.567339Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:34:59.128Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.157",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 2.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:52:40.429Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47157/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47157",
        "datePublished": "2024-12-26T11:52:40.429Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:34:59.128Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47155 (GCVE-0-2024-47155)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:47 – Updated: 2024-12-27 14:31
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47155",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:31:00.583875Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:31:59.681Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:47:45.436Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47155/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47155",
        "datePublished": "2024-12-26T11:47:45.436Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:31:59.681Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47154 (GCVE-0-2024-47154)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:39 – Updated: 2024-12-27 14:35
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.173 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47154",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:35:50.268457Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:35:54.631Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.173",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:39:52.536Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47154/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47154",
        "datePublished": "2024-12-26T11:39:52.536Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:35:54.631Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47153 (GCVE-0-2024-47153)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:31 – Updated: 2024-12-27 14:36
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-27T14:36:44.239320Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-27T14:36:48.205Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:31:46.763Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47153/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47153",
        "datePublished": "2024-12-26T11:31:46.763Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-27T14:36:48.205Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8992 (GCVE-0-2024-8992)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:28 – Updated: 2024-12-26 16:38
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8992",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:38:02.266886Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:38:20.375Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:28:54.956Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8992/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8992",
        "datePublished": "2024-12-26T11:28:54.956Z",
        "dateReserved": "2024-09-19T03:18:23.451Z",
        "dateUpdated": "2024-12-26T16:38:20.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8993 (GCVE-0-2024-8993)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:18 – Updated: 2024-12-26 16:38
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8993",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:38:31.748256Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:38:58.332Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:18:11.112Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8993/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8993",
        "datePublished": "2024-12-26T11:18:11.112Z",
        "dateReserved": "2024-09-19T03:18:26.237Z",
        "dateUpdated": "2024-12-26T16:38:58.332Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8994 (GCVE-0-2024-8994)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:13 – Updated: 2024-12-26 16:39
    VLAI
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0 , < 8.0.0.159 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8994",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:39:28.528587Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:39:32.162Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.159",
                  "status": "affected",
                  "version": "8.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:13:17.488Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-8994/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-8994",
        "datePublished": "2024-12-26T11:13:17.488Z",
        "dateReserved": "2024-09-19T03:18:29.011Z",
        "dateUpdated": "2024-12-26T16:39:32.162Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47151 (GCVE-0-2024-47151)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:09 – Updated: 2024-12-26 16:40
    VLAI
    Summary
    Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 8.0.0.1 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    wrlu
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47151",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:40:05.788797Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:40:23.453Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0.0.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "wrlu"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by file writing vulnerability, successful exploitation could cause code execution\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:09:01.825Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47151/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47151",
        "datePublished": "2024-12-26T11:09:01.825Z",
        "dateReserved": "2024-09-19T03:18:03.411Z",
        "dateUpdated": "2024-12-26T16:40:23.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-47156 (GCVE-0-2024-47156)

    Vulnerability from cvelistv5 – Published: 2024-12-26 11:02 – Updated: 2024-12-26 16:41
    VLAI
    Title
    Information Leak Vulnerability in Honor Product
    Summary
    Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Honor MagicOS Affected: 8.0.0 , < 8.0.0.135 (custom)
    Create a notification for this product.
    Credits
    ycmint working with ADLab of VenusTech
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-47156",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-26T16:40:56.024878Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-26T16:41:09.886Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MagicOS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "8.0.0.135",
                  "status": "affected",
                  "version": "8.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ycmint working with ADLab of VenusTech"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.\u003c/span\u003e"
                }
              ],
              "value": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-26T11:09:51.840Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.honor.com/global/security/cve-2024-47156/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Information Leak Vulnerability in Honor Product",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2024-47156",
        "datePublished": "2024-12-26T11:02:40.837Z",
        "dateReserved": "2024-09-19T03:18:03.412Z",
        "dateUpdated": "2024-12-26T16:41:09.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-23442 (GCVE-0-2023-23442)

    Vulnerability from cvelistv5 – Published: 2023-12-29 03:15 – Updated: 2024-08-02 10:28
    VLAI
    Summary
    Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
    Assigner
    Impacted products
    Vendor Product Version
    Honor Magic OS Affected: 7.0.0.106 , < 7.0.0.158 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:28:40.947Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hihonor.com/global/security/cve-2023-23442/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic OS",
              "vendor": "Honor",
              "versions": [
                {
                  "lessThan": "7.0.0.158",
                  "status": "affected",
                  "version": "7.0.0.106",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\u003c/span\u003e\n\n"
                }
              ],
              "value": "\nSome Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-29T03:15:52.271Z",
            "orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
            "shortName": "Honor"
          },
          "references": [
            {
              "url": "https://www.hihonor.com/global/security/cve-2023-23442/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
        "assignerShortName": "Honor",
        "cveId": "CVE-2023-23442",
        "datePublished": "2023-12-29T03:15:52.271Z",
        "dateReserved": "2023-01-12T04:00:30.136Z",
        "dateUpdated": "2024-08-02T10:28:40.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }