Dwelling › Cell Safety

Almost 300 Vulnerabilities Patched in Huawei’s HarmonyOS in 2022

By Eduard Kovacs on January 03, 2023

Tweet

Chinese language tech large Huawei patched almost 300 vulnerabilities in its HarmonyOS working system in 2022.

Huawei smartphones and different units ran Android till 2019, when the US authorities barred American corporations from promoting software program and expertise to the Chinese language agency.

Later that yr, Huawei unveiled its new HarmonyOS working system, which works on a variety of units, together with telephones, tablets, good TVs, wearables and automotive infotainment techniques.

Huawei is conscious that with a view to compete with Android and iOS, the working system must be safe, which is why the corporate runs a bug bounty program with important rewards for crucial vulnerabilities and exploit chains.

An evaluation performed by SecurityWeek reveals that greater than 290 vulnerabilities had been patched in HarmonyOS in 2022, together with almost 100 safety flaws affecting third-party libraries. The info comes from the month-to-month safety advisories revealed by the corporate final yr.

Almost two dozen vulnerabilities have been assigned a ‘crucial’ severity ranking and 94 have a ‘excessive’ severity ranking.

These vulnerabilities may be exploited for denial-of-service (DoS) assaults, distant code execution, acquiring info, and for privilege escalation.

As compared, roughly 800 vulnerabilities had been patched in Android in 2022, in accordance with information from CVE Particulars. Nonetheless, Android is way extra fashionable than HarmonyOS, which implies it will get extra scrutiny from safety researchers.

By means of its HarmonyOS bug bounty program, Huawei is providing rewards of as much as €1 million for zero-click exploits that result in arbitrary code execution. Researchers can earn a most of €120,000 for brand new lockscreen bypass strategies.

Associated: US Bans Huawei, ZTE Telecoms Gear Over Safety Threat

Associated: Over 75 Vulnerabilities Patched in Android With December 2022 Safety Updates

Get the Day by day Briefing

• Most Latest
• Most Learn

• Researcher Says Google Paid $100ok Bug Bounty for Sensible Speaker Vulnerabilities
• The Impression of Geopolitics on CPS Safety
• Crucial Vulnerabilities Patched in Synology Routers
• Malware Delivered to PyTorch Customers in Provide Chain Assault
• Almost 300 Vulnerabilities Patched in Huawei’s HarmonyOS in 2022
• Cybersecurity M&A Roundup: 16 Offers Introduced in December 2022
• Ransomware Assault Forces Canadian Mining Firm to Shut Down Mill
• Google to Pay Indiana $20 Million to Resolve Privateness Go well with
• CISA Says Two Outdated JasperReports Vulnerabilities Exploited in Assaults
• The 5 Tales That Formed Cybersecurity in 2022

In search of Malware in All of the Incorrect Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Pc Says About You

Be in a Place to Act By means of Cyber Situational Consciousness

Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice 12 months To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

The right way to Determine Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Engaging

The right way to Defend Towards DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

Orbit Brain

http://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.