Medium severity6.2NVD Advisory· Published Dec 8, 2022· Updated Jun 17, 2026
CVE-2022-45118
CVE-2022-45118
Description
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.
Affected products
2<=3.1.2+ 1 more
- (no CPE)range: <=3.1.2
- (no CPE)range: 3.1.0
Patches
Vulnerability mechanics
References
1- gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.mdnvdThird Party Advisory
News mentions
0No linked articles in our index yet.