The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.

CVE-2011-4086

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers.
The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen, Wei, VictorV!
Check out the full list of researchers recognized this quarter here.

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers.

The top three researchers of the 2023 Q4 Security Researcher Leaderboard are **Yuki Chen, Wei, VictorV!**

Check out the full list of researchers recognized this quarter here.

Congratulations to the top Azure researchers this quarter: **Yuki Chen, Wei, and VictorV!**

Congratulations to the top Office researchers this quarter: **Anonymous, The Slyfer, Anonymous working with Trend Micro!**

Congratulations to the top Windows researchers this quarter: **Yuki Chen, Azure Yang, Anonymous!**

This 2023 Q4 leaderboard reflects point values for cases that are:

*   Submitted and assessed by the MSRC team between October 1, 2023, and December 31, 2023
*   Submitted and assessed by the MSRC team between July 1, 2023, and September 30, 2023 (last program period), but assessed after October 1, 2023

Past quarterly and annual leaderboard announcements:

*   MSRC 2023 Q3 Security Researcher Leaderboard
*   MSRC 2023 Q2 Security Researcher Leaderboard
*   MSRC 2023 Q1 Security Researcher Leaderboard
*   MSRC 2023 Most Valuable Security Researcher Leaderboard

Keep up the awesome work and we look forward to seeing you next quarter!

_Madeline Eckert, MSRC_

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® NUC 9 Extreme Laptop Kit Advisory**

**Revision History**

Revision

Date

Description

1.0

08/09/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-21229: INTEL-SA-00665

Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

**Select Your Region**

Sign In to access restricted content

**Using Intel.com Search**

You can easily search the entire Intel.com site in several ways.

*   Brand Name: **Core i9**
*   Document Number: **123456**
*   Code Name: **Alder Lake**
*   Special Operators: **“Ice Lake”, Ice AND Lake, Ice OR Lake, Ice\***

**Quick Links**

You can also try the quick links below to see results for most popular searches.

*   Product Information
*   Support
*   Drivers & Software

**Recent Searches**

Sign In to access restricted content

**Advanced Search**

**Only search in**

Title Description Content ID

Sign in to access restricted content.

The browser version you are using is not recommended for this site.  
Please consider upgrading to the latest version of your browser by clicking one of the following links.

*   Safari
*   Chrome
*   Edge
*   Firefox

**Intel® Distribution for Python Advisory**

**Revision History**

Revision

Date

Description

1.0

08/09/2022

Initial Release

**Legal Notices and Disclaimers**

Intel provides these materials as-is, with no express or implied warranties.

All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice.

Intel products and services described may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel products that have met their End of Servicing Updates may no longer receive functional and security updates. For additional details on support and servicing, please see this help article. 

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.

Some results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance.

Intel and the Intel logo are trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

\*Other names and brands may be claimed as the property of others.  

Copyright © Intel Corporation 2022

**Report a Vulnerability**

If you have information about a security issue or vulnerability with an **Intel branded product or technology**, please send an e-mail to secure@intel.com. Encrypt sensitive information using our PGP public key.

Please provide as much information as possible, including:

*   The products and versions affected
*   Detailed description of the vulnerability
*   Information on known exploits

A member of the Intel Product Security Team will review your e-mail and contact you to collaborate on resolving the issue. For more information on how Intel works to resolve security issues, see:

*   Vulnerability handling guidelines

For issues related to Intel's external web presence (Intel.com and related subdomains), please contact Intel's External Security Research team.

**Need product support?**

If you...

*   Have questions about the security features of an Intel product
*   Require technical support
*   Want product updates or patches

  
Please visit Support & Downloads.

*   Report a Vulnerability
*   Product Support

CVE-2022-28696: INTEL-SA-00684

Immigration and Customs Enforcement's contract with Paragon Solutions faces scrutiny over whether it complies with the Biden administration's executive order on spyware, WIRED has learned.

A $2 million contract that United States Immigration and Customs Enforcement signed with Israeli commercial spyware vendor Paragon Solutions has been paused and placed under compliance review, WIRED has learned.

The White House’s scrutiny of the contract marks the first test of the Biden administration’s executive order restricting the government’s use of spyware.

The one-year contract between Paragon’s US subsidiary in Chantilly, Virginia, and ICE’s Homeland Security Investigations (HSI) Division 3 was signed on September 27 and first reported by WIRED on October 1. A few days later, on October 8, HSI issued a stop-work order for the award “to review and verify compliance with Executive Order 14093,” a Department of Homeland Security spokesperson tells WIRED.

The executive order signed by President Joe Biden in March 2023 aims to restrict the US government’s use of commercial spyware technology while promoting its “responsible use” that aligns with the protection of human rights.

DHS did not confirm whether the contract, which says it covers a “fully configured proprietary solution including license, hardware, warranty, maintenance, and training,” includes the deployment of Paragon’s flagship product, Graphite, a powerful spyware tool that reportedly extracts data primarily from cloud backups.

“We immediately engaged the leadership at DHS and worked very collaboratively together to understand exactly what was put in place, what the scope of this contract was, and whether or not it adhered to the procedures and requirements of the executive order,” a senior US administration official with first-hand knowledge of the workings of the executive order tells WIRED. The official requested anonymity to speak candidly about the White House’s review of the ICE contract.

Paragon Solutions did not respond to WIRED's request to comment on the contract's review.

The process laid out in the executive order requires a robust review of the due diligence regarding both the vendor and the tool, to see whether any concerns, such as counterintelligence, security, and improper use risks, arise. It also stipulates that an agency may not make operational use of the commercial spyware until at least seven days after providing this information to the White House or until the president's national security adviser consents.

“Ultimately, there will have to be a determination made by the leadership of the department. The outcome may be—based on the information and the facts that we have—that this particular vendor and tool does not spur a violation of the requirements in the executive order,” the senior official says.

While publicly available details of ICE’s contract with Paragon are relatively sparse, its existence alone raised alarms among civil liberties groups, with the nonprofit watchdog Human Rights Watch saying in a statement that “giving ICE access to spyware risks exacerbating” the department’s problematic practices. HRW also questioned what it calls the Biden administration’s “piecemeal approach” to spyware regulation.

The level of seriousness with which the US government approaches the compliance review of the Paragon contract will influence international trust in the executive order, experts say.

“We know the dangers mercenary spyware poses when sold to dictatorships, but there is also plenty of evidence of harms in democracies,” says John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab who has been instrumental in exposing spyware-related abuses. “This is why oversight, transparency, and accountability around any US agency attempt to acquire these tools is essential.”

International efforts to rein in commercial spyware are gathering pace. On October 11, during the 57th session of the Human Rights Council, United Nation member states reached a consensus to adopt language acknowledging the threat that the misuse of commercial spyware poses to democratic values, as well as the protection of human rights and fundamental freedoms. “This is an important norm setting, especially for countries who claim to be democracies,” says Natalia Krapiva, senior tech-legal counsel at international nonprofit Access Now.

Although the US is leading global efforts to combat spyware through its executive order, trade and visa restrictions, and sanctions, the European Union has been more lenient. Only 11 of the 27 EU member states have joined the US-led initiative stipulated in the “Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware,” which now counts 21 signatories, including Australia, Canada, Costa Rica, Japan, and South Korea.

“An unregulated market is both a threat to the citizens of those countries, but also to those governments, and I think that increasingly our hope is that there is a recognition \[in the EU\] of that as well,” the senior US administration official tells WIRED.

The European Commission published on October 16 new guidelines on the export of cyber-surveillance items, including spyware; however, it has yet to respond to the EU Parliament's call to draft a legislative proposal or admonish countries for their misuse of the technology.

While Poland launched an inquiry into the previous government’s spyware use earlier this year, a probe in Spain over the use of spyware against Spanish politicians has so far led to no accusations against those involved, and one in Greece has cleared government agencies of any wrongdoing.

“Europe is in the midst of a mercenary spyware crisis,” says Scott-Railton. “I have looked on with puzzled wonderment as European institutions and governments fail to address this issue at scale, even though there are domestic and export-related international issues.”

With the executive order, the US focuses on its national security and foreign policy interests in the deployment of the technology in accordance with human rights and the rule of law, as well as mitigating counterintelligence risks (e.g. the targeting of US officials). Europe—though it acknowledges the foreign policy dimension—has so far primarily concentrated on human rights considerations rather than counterintelligence and national security threats.

Such a threat became apparent in August, when Google’s Threat Analysis Group (TAG) found that Russian government hackers were using exploits made by spyware companies NSO Group and Intellexa.

Meanwhile, Access Now and Citizen Lab speculated in May that Estonia may have been behind the hacking of exiled Russian journalists, dissidents, and others with NSO Group’s Pegasus spyware.

“In an attempt to protect themselves from Russia, some European countries are using the same tools against the same people that Russia is targeting,” says Access Now’s Krapiva. “By having easier access to this kind of vulnerabilities, because they are then sold on the black market, Russia is able to purchase them in the end.”

“It’s a huge mess,” she adds. “By attempting to protect national security, they actually undermine it in many ways.”

Citizen Lab’s Scott-Railton believes these developments should raise concern among European decisionmakers just as they have for their US counterparts, who emphasized the national security aspect in the executive order.

“What is it going to take for European heads of state to recognize they have a national security threat from this technology?” Scott-Railton says. “Until they recognize the twin human rights and national security threats, the way the US has, they are going to be at a tremendous security disadvantage.”

ICE's $2 Million Contract With a Spyware Vendor Is Under White House Review

By Waqas
The hacker is selling 350 GB worth of data for $150,000 supervised by the forum’s guarantor.
This is a post from HackRead.com Read the original post: US Marshals Service Data Sold on Russian Hacker Forum

****The hacker claims that, among other sensitive data, the stolen information includes data about convicts, drug cartels, witnesses, and individuals enrolled in the agency’s witness protection program.****

In late February 2023, the US Marshals Service (USMS) suffered a ransomware attack, leading to all sorts of speculation. Now, however, a hacker is selling data that they claim belongs to the USMS for $150,000.

For readers outside the United States, the U.S. Marshals Service (USMS) is a high-profile government agency associated with the U.S. Department of Justice, which offers protection to government witnesses and their families.

**The Stolen US Marshals Service Data**

The stolen data, which is being offered for sale by an unknown threat actor on a Russian cybercrime and hacker forum operating on both the **Dark Web** and the clearnet, allegedly include military base photos, wiretap data belonging to USMS, drone footage of military bases, and documents on cartels, gang leaders, IDs, and passports.

The data also includes information about convicts, drug cartels, witnesses, and individuals enrolled in the agency’s witness protection program. Additionally, the dataset includes files marked as Top Secret and Confidential, as well as backdoor software for Apple devices.

This is what the hacker has to say about the alleged US Marshals Service data (Image credit: Hackread.com)

**Are These Claims Authentic?**

Although no ransomware group has claimed responsibility for the attack yet, the hacker who posted the advert claimed that the dataset was stolen from the USMS between 2021 and February 2023. However, the post was uploaded from a one-day-old account, and the author did not provide any data samples as evidence.

It is worth noting that the threat actor suggests using a middleman to ensure a successful sale, in this case, the forum’s administrator. The hacker’s willingness to use a third-party and their confidence in the quality of the stolen information indicates that the threat should be taken seriously.

The USMS had previously announced in February 2023 that it had fallen victim to a major ransomware attack, which compromised sensitive data on known fugitives, USMS employees, and legal proceedings.

At the time, the agency stated that data related to individuals enrolled in the witness protection program had not been accessed.

1.  **Hackers post data of thousands of Federal agents**
2.  **Avast found backdoor in US Federal Agency Network**
3.  **Top US Federal Agencies Hacked by Russian Hackers**
4.  **Hackers access domain controller of US Federal network**
5.  **Federal agency hacked leveraging compromised credentials**

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

US Marshals Service Data Sold on Russian Hacker Forum

index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.

Reference(s): http://localhost:2030/index.php?module=mail\_add-new Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure parse and encode of the vulnerable \`id\` and \`email address\` parameters of the index.php file POST method request. Disallow usage of special chars and restrict the parameter input to prevent application-side script code injection attacks. Filter in the output error or the item listing the vulnerable location were the code executes. Security Risk: ============== The security risk of the application-side input validation vulnerabilities in the web-application are estimated as medium. (CVSS 4.4) Credits & Authors: ================== Benjamin K.M. \[bkm@vulnerability-lab.com\] - https://www.vulnerability-lab.com/show.php?user=Benjamin+K.M. Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability Labs or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability mainly for incidental or consequential damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any licenses, policies, deface websites, hack into databases or trade with stolen data. We have no need for criminal activities or membership requests. We do not publish advisories or vulnerabilities of religious-, militant- and racist- hacker/analyst/researcher groups or individuals. We do not publish trade researcher mails, phone numbers, conversations or anything else to journalists, investigative authorities or private individuals. Domains: www.vulnerability-lab.com - www.vulnerability-db.com - www.evolution-sec.com Programs: vulnerability-lab.com/submit.php - vulnerability-lab.com/list-of-bug-bounty-programs.php - vulnerability-lab.com/register.php Feeds: vulnerability-lab.com/rss/rss.php - vulnerability-lab.com/rss/rss\_upcoming.php - vulnerability-lab.com/rss/rss\_news.php Social: twitter.com/vuln\_lab - facebook.com/VulnerabilityLab - youtube.com/user/vulnerability0lab Any modified copy or reproduction, including partially usages, of this file, resources or information requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list, modify, use or edit our material contact (admin@) to get an ask permission. Copyright © 2018 | Vulnerability Laboratory - \[Evolution Security GmbH\]™

CVE-2018-5962

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal.

Huawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal. (Vulnerability ID:HWPSIRT-2022-53187)

This vulnerability has been assigned a (CVE) ID: CVE-2022-39012

Affected Product

Affected Version

Resolved Versions

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

Aslan-AL10 11.1.0.135(C00M08)

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

Aslan-AL10-OTA 11.1.0.135(C00M08log)-11.1.0.10135(C00M08log)

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

Aslan-AL10-OTA 11.1.0.135(C00M08log)-11.1.0.10135(C00M08log)

HWPSIRT-2022-53187:  
Successful exploitation may cause the watch's application service abnormal.

Vulnerabilities are scored base on the CVSS v3.1 scoring system. For details please refer to: http://www.first.org/cvss/specification-document.

HWPSIRT-2022-53187:  
Base score:7.5  
Temporary score:7.0  
Environmental Score:NA  
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C

HWPSIRT-2022-53187:  
This vulnerability can be exploited only when the following conditions are present:   
The attacker can send a specially crafted packet to the affected device.

Technical details:  
Huawei Aslan Children's Watch does not properly validate the external input, resulting in an improper input validation vulnerability. An attacker can send a specially crafted packet to exploit this vulnerability. Successful exploitation may cause the watch's application service abnormal.

The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.

HWPSIRT-2022-53187:  
This vulnerability was discovered by Huawei internal tester.

2022-11-23 V1.0 Initial Release;  

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.

CVE-2022-39012: Security Advisory - Improper Input Validation Vulnerability in a Huawei Children's Watch

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers. 

**Security Advisory - Traffic Hijacking Vulnerability in Huawei Routers**

*   SA No:huawei-sa-THViHR-7015cbae
*   Initial Release Date: 2023-05-17
*   Last Release Date: 2023-05-17

  

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers.(Vulnerability ID:HWPSIRT-2022-82592)

This vulnerability has been assigned a (CVE)ID:CVE-2022-48469

  

Affected Product

Affected Version

Repair Versions

B535-232a

B535-232a 2.0.0.1(H318SP5C983)

B535-232a 2.0.0.1(H318SP6C983)

  

HWPSIRT-2022-82592:

Successful exploitation of this vulnerability can cause packets to be hijacked by attackers.

  

Vulnerabilities are scored base on the CVSS v3.1 scoring system. For details please refer to: http://www.first.org/cvss/specification-document.

HWPSIRT-2022-82592

Base Score: 7.6

Temporal Score: 7.1

Environmental Score: NA

CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L/E:F/RL:O/RC:C

  

HWPSIRT-2022-82592:

This vulnerability can be exploited only when the following conditions are present:

An attacker can access the device remotely.

Technical details:

Huawei routers have a traffic hijacking vulnerability due to improper domain name resolution. An attacker who can access the victim device can construct a malicious domain name to exploit this vulnerability. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers.

  

The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.

HWPSIRT-2022-82592:

The vulnerability was discovered by an external researcher.

  

2023-05-17 V1.0 Initial Release;

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.

CVE-2022-48469: huawei-sa-THViHR-7015cbae-en

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4).

**Security Advisory - Permission Bypass Vulnerability in Huawei Products**

*   SA No:huawei-sa-20220819-01-7e0a6103
*   Initial Release Date: Aug 19, 2022
*   Last Release Date: Aug 19, 2022

  

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. (Vulnerability ID: HWPSIRT-2021-96118)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-46834.

For products that have released software updates to fix this vulnerability, Huawei will release and update the Security Advisory at:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220819-01-7e0a6103-en

Affected Product

Affected Version

Resolved Version

JAD-AL50

102.0.0.225(C00E220R3P4)

102.0.0.245(C00E245R3P4)

  

Successful exploitation could allow an attacker to access certain resource in the attacked devices.

This vulnerability can be exploited only when the following conditions are present:

The attacked device needs to initiate cross device task management to the attacker device.

Vulnerability details:

A permission bypass vulnerability in the cross device task management function of Huawei products. This vulnerability exists because insufficient permission verification. After the attacked device initiates cross device task management to the attacker device, the attacker could exploit the vulnerability through this function. A successful exploit could allow the attacker to access certain resource in the attacked devices.

The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.  

The vulnerability was discovered by external researchers.

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.

Search

lenovo warranty check/lookup | check warranty status | lenovo support us