CVE-2022-48512

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 6, 2023
Updated: Jul 13, 2023
CWE ID 122
CWE ID 416

Summary

CVE-2022-48512 is a Use After Free (UAF) vulnerability identified in the Vdecoderservice service. This issue permits an attacker to potentially cause the image decoding feature to behave abnormally by manipulating memory in an unexpected way. After a specific action, the affected memory may be freed, but a reference to it remains, leading to unintended consequences when that memory is accessed again. Successful exploitation of this vulnerability could result in denial of service or even code execution, posing a significant risk to affected systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • HarmonyOS
  • Huawei EMUI

Affected Vendors

  • Huawei Technologies