CVE-2022-44548

MEDIUM

HarmonyOS and EMUI - Incorrect Default Permissions in Bluetooth Pairing Process

Title source: llm

Description

There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.

References (2)

Core 2

Core References

Vendor Advisory

https://consumer.huawei.com/en/support/bulletin/2022/11/

Vendor Advisory

https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433

Scores

CVSS v3 4.3

EPSS 0.0003

EPSS Percentile 8.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-276

Status published

Products (6)

huawei/emui 11.0.1

huawei/emui 12.0.0

huawei/emui 12.0.1

huawei/harmonyos 2.0

huawei/harmonyos 2.1

huawei/harmonyos 3.0.0

Published Nov 09, 2022

Tracked Since Feb 18, 2026