CVE-2022-41598 The phones have the fingerprint vulnerability. Successful exploitation may affect the fingerprint service.

A local attacker may access and control the smart phone or read personal data from it.

Vulnerabilities found in mobile devices

A vulnerability of smart phones has been found. This is a major issue, as a local attacker may access and control the smart phone or read personal data from it. A list of recommendations has been provided by the Common Vulnerabilities and Exposures project that includes operating systems update, patches, application updates, and manual configuration changes.

Vulnerable Components

A local attacker may gain access to the smart phone or read personal data from it. They can extract personal information from the phone, like contacts and calendar, or gain remote control over the phone by installing malware.

Overview

A recent vulnerability has been discovered in the Android system that allows a local attacker to access and control the phone remotely. The vulnerability is present in Android devices running on versions 4.3 or lower, most notably Jelly Bean.

Timeline

Published on: 10/14/2022 16:15:00 UTC
Last modified on: 10/15/2022 01:56:00 UTC

References

• https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697
• https://consumer.huawei.com/en/support/bulletin/2022/10/
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41598