The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
Link | Tags |
---|---|
https://consumer.huawei.com/en/support/bulletin/2022/8/ | vendor advisory |
https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | vendor advisory |