Xia Guangshuai

**Name of the Vulnerable Software and Affected Versions** Dressroom versions prior to SMR Jan-2022 Release 1 **Description** The issue is related to improper sanitization of incoming intent in Dressroom, allowing local attackers to read and write arbitrary files without permission. **Recommendations** For versions prior to SMR Jan-2022 Release 1, update to SMR Jan-2022 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SemRewardManager versions prior to SMR Dec-2021 Release 1 **Description** The issue is related to an improper usage of implicit intent in SemRewardManager, allowing attackers to access BSSID. **Recommendations** For versions prior to SMR Dec-2021 Release 1, update to SMR Dec-2021 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** A vulnerability allows attackers to read the ESN value without privilege due to the insecure storage of sensitive information in Property Settings. This issue is present in versions prior to the SMR Nov-2021 Release 1. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Huawei devices (affected versions not specified) **Description** The issue concerns a vulnerability related to Wi-Fi network connections, specifically with SSID, in Huawei devices. Successful exploitation of this issue may compromise service confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.