CVE-2022-48512
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Jul 6, 2023
Updated: Jul 13, 2023
CWE ID 122
CWE ID 416
Summary
CVE-2022-48512 is a Use After Free (UAF) vulnerability identified in the Vdecoderservice service. This issue permits an attacker to potentially cause the image decoding feature to behave abnormally by manipulating memory in an unexpected way. After a specific action, the affected memory may be freed, but a reference to it remains, leading to unintended consequences when that memory is accessed again. Successful exploitation of this vulnerability could result in denial of service or even code execution, posing a significant risk to affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- HarmonyOS
- Huawei EMUI
Affected Vendors
- Huawei Technologies