4
CVE-2022-48470
- EPSS 0.14%
- Veröffentlicht 28.12.2024 07:15:19
- Zuletzt bearbeitet 09.12.2025 20:35:12
- Quelle psirt@huawei.com
- CVE-Watchlists
- Unerledigt
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned a (CVE)ID:CVE-2022-48470
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ Hilink Ai Life Version12.0.2.305
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.038 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@huawei.com | 4 | 1.4 | 2.5 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
|
CWE-305 Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
https://www.huawei.com/en/psirt/security-advisories/2023/huawei-sa-iabvihhalp-ea34d670-en