VYPR
Medium severity6.2NVD Advisory· Published Dec 8, 2022· Updated Jun 17, 2026

CVE-2022-45118

CVE-2022-45118

Description

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.