CVE-2022-48478

CRITICAL

HarmonyOS - Denial of Service in Facial Recognition TA

Title source: llm
STIX 2.1

Description

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0019
EPSS Percentile 40.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

Status published
Products (1)
huawei/harmonyos 2.0
Published May 26, 2023
Tracked Since Feb 18, 2026