Vulnerabilites related to huawei - magic_ui
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de seguridad de la aplicaci\u00f3n presenta una vulnerabilidad en la asignaci\u00f3n de permisos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad y confidencialidad de los datos"
}
],
"id": "CVE-2022-34737",
"lastModified": "2024-11-21T07:10:05.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.337",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad DoS Remota en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-22401",
"lastModified": "2024-11-21T05:50:03.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.427",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
},
{
"lang": "es",
"value": "El m\u00f3dulo NFC presenta una vulnerabilidad de desbordamiento de b\u00fafer. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones en el registro, borrado y activaci\u00f3n de tarjetas NFC"
}
],
"id": "CVE-2022-34740",
"lastModified": "2024-11-21T07:10:06.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.453",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede reescribir la memoria de los objetos adyacentes"
}
],
"id": "CVE-2021-37049",
"lastModified": "2024-11-21T06:14:33.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.427",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de administraci\u00f3n de permisos inapropiada en las aplicaciones Wallet. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio.\n"
}
],
"id": "CVE-2021-37103",
"lastModified": "2024-11-21T06:14:39.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:11.870",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:20
Severity ?
Summary
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una estructura de controlador AOD no inicializada en los Smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-39966",
"lastModified": "2024-11-21T06:20:38.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.957",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Limpieza Incompleta en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a que la disponibilidad est\u00e9 afectada"
}
],
"id": "CVE-2021-37092",
"lastModified": "2024-11-21T06:14:38.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.920",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer debido a un error de l\u00edmite con el servidor Samba en el m\u00f3dulo file management en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del funcionamiento"
}
],
"id": "CVE-2021-40029",
"lastModified": "2024-11-21T06:23:25.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.920",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Desbordamiento de Enteros (Wrap o Wraparound) en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar DoS de Samgr"
}
],
"id": "CVE-2021-22379",
"lastModified": "2024-11-21T05:50:00.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.617",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de L\u00edmite de Funcionamiento Inapropiado del B\u00fafer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que un c\u00f3digo malicioso sea ejecutado"
}
],
"id": "CVE-2021-22438",
"lastModified": "2024-11-21T05:50:07.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.520",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de memoria en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-36993",
"lastModified": "2024-11-21T06:14:27.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.697",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 15:15
Modified
2024-11-21 06:34
Severity ?
Summary
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."
},
{
"lang": "es",
"value": "Una vulnerabilidad de cobertura de ventanas emergentes de terceros en el m\u00f3dulo iConnect. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que la ventana emergente del sistema pueda ser cubierta para enga\u00f1ar a usuarios a llevar a cabo operaciones incorrectas"
}
],
"id": "CVE-2021-46788",
"lastModified": "2024-11-21T06:34:43.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T15:15:08.570",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de l\u00f3gica de Servicio en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar WLAN DoS"
}
],
"id": "CVE-2021-37119",
"lastModified": "2024-11-21T06:14:40.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.450",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:20
Severity ?
Summary
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down."
},
{
"lang": "es",
"value": "Se presnta una desreferencia de puntero Null en los Smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la ruptura del kernel"
}
],
"id": "CVE-2021-39973",
"lastModified": "2024-11-21T06:20:39.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:10.283",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso no autorizado en los componentes del sistema. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad"
}
],
"id": "CVE-2021-40051",
"lastModified": "2024-11-21T06:23:28.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:18.447",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de comunicaci\u00f3n presenta una vulnerabilidad de preservaci\u00f3n de permisos inapropiada. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-31755",
"lastModified": "2024-11-21T07:05:14.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.100",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n bone voice ID trusted TA tiene una vulnerabilidad de desbordamiento de heap.La explotaci\u00f3n exitosa de esta vulnerabilidad puede resultar en la ejecuci\u00f3n de c\u00f3digo malicioso"
}
],
"id": "CVE-2021-40010",
"lastModified": "2024-11-21T06:23:22.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.360",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una direcci\u00f3n de memoria fuera de l\u00edmites en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo malicioso.\n"
}
],
"id": "CVE-2021-22429",
"lastModified": "2024-11-21T05:50:06.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:09.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Lectura Fuera de L\u00edmites en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-37114",
"lastModified": "2024-11-21T06:14:40.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.227",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada del \u00cdndice de la Matriz en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo, obteniendo as\u00ed permisos del sistema"
}
],
"id": "CVE-2021-22333",
"lastModified": "2024-11-21T05:49:55.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T20:15:08.433",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-129"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en el registro de excepciones en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un filtrado de informaci\u00f3n de direcci\u00f3n"
}
],
"id": "CVE-2021-37052",
"lastModified": "2024-11-21T06:14:33.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.593",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Defecto de Configuraci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir a atacantes secuestrar el dispositivo y falsificar las interfaces de usuario para inducir a los usuarios a ejecutar comandos maliciosos"
}
],
"id": "CVE-2021-22352",
"lastModified": "2024-11-21T05:49:57.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.907",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:34
Severity ?
Summary
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo multi ventana presenta una vulnerabilidad de inserci\u00f3n y manipulaci\u00f3n no autorizada de datos de Settings.Secure. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad"
}
],
"id": "CVE-2021-46742",
"lastModified": "2024-11-21T06:34:37.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:16.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar acceso a la memoria fuera de l\u00edmites"
}
],
"id": "CVE-2021-37051",
"lastModified": "2024-11-21T06:14:33.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.533",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-01 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de errores de aplicaci\u00f3n en la interfaz de un componente del Smartphone Huawei.\u0026#xa0;Los atacantes locales pueden explotar esta vulnerabilidad para modificar y eliminar los mensajes SMS de los usuarios."
}
],
"id": "CVE-2020-9149",
"lastModified": "2024-11-21T05:40:08.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-01T18:15:12.543",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38978",
"lastModified": "2024-11-21T07:17:18.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.350",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de acceso inapropiado en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-37038",
"lastModified": "2024-11-21T06:14:32.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.377",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de Permisos en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar al rendimiento del dispositivo"
}
],
"id": "CVE-2021-22490",
"lastModified": "2024-11-21T05:50:13.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.267",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una omisi\u00f3n de la autenticaci\u00f3n"
}
],
"id": "CVE-2021-22384",
"lastModified": "2024-11-21T05:50:01.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.723",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Errores de Administraci\u00f3n de Claves en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a la evasi\u00f3n de la autenticaci\u00f3n"
}
],
"id": "CVE-2021-22367",
"lastModified": "2024-11-21T05:49:59.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T18:15:08.507",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta un defecto de Configuraci\u00f3n en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22407",
"lastModified": "2024-11-21T05:50:04.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.730",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Configuraci\u00f3n en Huawei Smartphone que puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-22405",
"lastModified": "2024-11-21T05:50:03.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.630",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo del kernel presenta una vulnerabilidad de condici\u00f3n de carrera. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-31758",
"lastModified": "2024-11-21T07:05:14.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.227",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2025-05-22 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso no autorizado a archivos en los Smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-37133",
"lastModified": "2025-05-22T19:15:25.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-03T22:15:09.800",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de errores de Administraci\u00f3n de Credenciales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede perjudicar la confidencialidad de los datos"
}
],
"id": "CVE-2021-22324",
"lastModified": "2024-11-21T05:49:54.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T17:15:07.423",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory | |
| nvd@nist.gov | https://consumer.huawei.com/om/support/bulletin/2021/10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2021-37041",
"lastModified": "2024-11-21T06:14:32.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.417",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/om/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Control de Acceso Inapropiado en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a que los atacantes roben mensajes cortos"
}
],
"id": "CVE-2021-37093",
"lastModified": "2024-11-21T06:14:38.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.973",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede perjudicar a la confidencialidad de los datos"
}
],
"id": "CVE-2021-22317",
"lastModified": "2024-11-21T05:49:53.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T16:15:11.380",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 06:23
Severity ?
Summary
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
},
{
"lang": "es",
"value": "Una vulnerabilidad de lectura de la pila fuera de l\u00edmites en el m\u00f3dulo HW_KEYMASTER. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites"
}
],
"id": "CVE-2021-40019",
"lastModified": "2024-11-21T06:23:23.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.497",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de administraci\u00f3n de privilegios inapropiada en algunos tel\u00e9fonos inteligentes Huawei.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una divulgaci\u00f3n de informaci\u00f3n y el funcionamiento inapropiado debido a una verificaci\u00f3n insuficiente de la autenticidad de los datos."
}
],
"id": "CVE-2020-9141",
"lastModified": "2024-11-21T05:40:07.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:14.083",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de direcci\u00f3n de memoria fuera de l\u00edmites en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo malicioso.\n"
}
],
"id": "CVE-2021-22434",
"lastModified": "2024-11-21T05:50:07.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:10.317",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso a la memoria fuera de l\u00edmites en Huawei Smartphone"
}
],
"id": "CVE-2021-22474",
"lastModified": "2024-11-21T05:50:11.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.833",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria en algunos tel\u00e9fonos inteligentes Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un desbordamiento de la pila y una sobrescritura de la memoria cuando el sistema procesa incorrectamente el archivo de actualizaci\u00f3n."
}
],
"id": "CVE-2020-9142",
"lastModified": "2024-11-21T05:40:07.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:14.130",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Desbordamiento de Enteros en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de determinados c\u00f3digos"
}
],
"id": "CVE-2021-22388",
"lastModified": "2024-11-21T05:50:01.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.833",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de C\u00e1lculo Incorrecto del Tama\u00f1o del B\u00fafer en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones en el kernel con el c\u00f3digo"
}
],
"id": "CVE-2021-22415",
"lastModified": "2024-11-21T05:50:04.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de administraci\u00f3n de permisos inapropiada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22475",
"lastModified": "2024-11-21T05:50:11.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.873",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de L\u00edmite de Operaci\u00f3n Inapropiada del Buffer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de determinados c\u00f3digos"
}
],
"id": "CVE-2021-22390",
"lastModified": "2024-11-21T05:50:01.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.933",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Settings presenta una vulnerabilidad de inyecci\u00f3n de argumentos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-37005",
"lastModified": "2024-11-21T07:14:16.110",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:04.443",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de UAF en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que el dispositivo se reinicie inesperadamente y que sea ejecutado el c\u00f3digo del modo kernel"
}
],
"id": "CVE-2021-37045",
"lastModified": "2024-11-21T06:14:33.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.380",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 06:34
Severity ?
Summary
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information."
},
{
"lang": "es",
"value": "HwSEServiceAPP presenta una vulnerabilidad en la administraci\u00f3n de permisos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una divulgaci\u00f3n de la informaci\u00f3n del ciclo de vida de producci\u00f3n de la tarjeta (CPLC)"
}
],
"id": "CVE-2021-46811",
"lastModified": "2024-11-21T06:34:44.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.080",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar desbordamientos de enteros.\n"
}
],
"id": "CVE-2021-22319",
"lastModified": "2024-11-21T05:49:54.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:08.823",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:20
Severity ?
Summary
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de enteros en la ACPU de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites"
}
],
"id": "CVE-2021-39993",
"lastModified": "2024-11-21T06:20:42.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:20.773",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-01 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de error de b\u00fafer de la memoria en la interfaz de un componente del Smartphone Huawei.\u0026#xa0;Los atacantes locales pueden explotar esta vulnerabilidad construyendo cuidadosamente escenarios de ataque para provocar una lectura fuera de los l\u00edmites."
}
],
"id": "CVE-2020-9147",
"lastModified": "2024-11-21T05:40:08.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-01T18:15:12.417",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de omisi\u00f3n L\u00f3gica en el Smartphone de Huawei, Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir intentos de obtener determinada informaci\u00f3n del dispositivo"
}
],
"id": "CVE-2021-37055",
"lastModified": "2024-11-21T06:14:34.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.577",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Race Condition en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a que la disponibilidad est\u00e9 afectada"
}
],
"id": "CVE-2021-37069",
"lastModified": "2024-11-21T06:14:35.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.757",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de L\u00edmite de Funcionamiento Inapropiado del B\u00fafer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones en el procesamiento de im\u00e1genes"
}
],
"id": "CVE-2021-22335",
"lastModified": "2024-11-21T05:49:56.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T20:15:08.500",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de acceso inapropiado en el m\u00f3dulo de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad"
}
],
"id": "CVE-2021-40063",
"lastModified": "2024-11-21T06:23:30.087",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:24.527",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad con el acceso al b\u00fafer con un valor de longitud incorrecto en algunos tel\u00e9fonos inteligentes Huawei. Los usuarios no autorizados pueden activar la ejecuci\u00f3n del c\u00f3digo cuando se produce un desbordamiento del b\u00fafer."
}
],
"id": "CVE-2020-9140",
"lastModified": "2024-11-21T05:40:07.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:14.020",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Condici\u00f3n de Carrera en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una escalada de privilegios del usuario root"
}
],
"id": "CVE-2021-37074",
"lastModified": "2024-11-21T06:14:36.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.807",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Desbordamiento de Enteros en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso aleatorio a la direcci\u00f3n del kernel"
}
],
"id": "CVE-2021-22412",
"lastModified": "2024-11-21T05:50:04.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.220",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses."
},
{
"lang": "es",
"value": "Se presenta un C\u00e1lculo Incorrecto del Tama\u00f1o del Buffer en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una omisi\u00f3n de una comprobaci\u00f3n y unas direcciones a direcciones anormales"
}
],
"id": "CVE-2021-22392",
"lastModified": "2024-11-21T05:50:02.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.033",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 22:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de comprobaci\u00f3n de entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una escritura de memoria fuera de l\u00edmites"
}
],
"id": "CVE-2021-22345",
"lastModified": "2024-11-21T05:49:57.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T22:15:08.123",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2025-06-03 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
},
{
"lang": "es",
"value": "El m\u00f3dulo de identificaci\u00f3n de n\u00fameros presenta una vulnerabilidad de salto de ruta. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la divulgaci\u00f3n de datos"
}
],
"id": "CVE-2022-39001",
"lastModified": "2025-06-03T18:15:22.960",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-09-16T18:15:17.937",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Doble liberaci\u00f3n en el m\u00f3dulo AOD de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-40038",
"lastModified": "2024-11-21T06:23:26.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:22.707",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access."
},
{
"lang": "es",
"value": "Se presenta un desbordamiento de enteros de software que conlleva a una condici\u00f3n TOCTOU en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el acceso a direcciones aleatorias.\n"
}
],
"id": "CVE-2021-22437",
"lastModified": "2024-11-21T05:50:07.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:10.470",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de \u00cdndices de Matrices en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar riesgos de estabilidad"
}
],
"id": "CVE-2021-22374",
"lastModified": "2024-11-21T05:50:00.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.477",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-129"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device\u0027s data security and functional availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Falta de Autenticaci\u00f3n para una Funci\u00f3n Cr\u00edtica en el Smartphone de Huawei. Atacantes con acceso f\u00edsico al dispositivo pueden explotar esta vulnerabilidad. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede comprometer la seguridad de los datos y la disponibilidad funcional del dispositivo"
}
],
"id": "CVE-2021-22316",
"lastModified": "2024-11-21T05:49:53.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T16:15:11.350",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:46
Severity ?
Summary
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "se presenta una vulnerabilidad de omisi\u00f3n de permisos cuando las CAs de NFC acceden al TEE. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-22254",
"lastModified": "2024-11-21T06:46:29.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.567",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta un problema de nombres de campo no Estandarizados en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22486",
"lastModified": "2024-11-21T05:50:12.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.147",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de bloqueo del Kernel en Huawei Smartphone"
}
],
"id": "CVE-2021-36989",
"lastModified": "2024-11-21T06:14:27.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.530",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 15:15
Modified
2024-11-21 06:34
Severity ?
Summary
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability."
},
{
"lang": "es",
"value": "Defectos de configuraci\u00f3n en el m\u00f3dulo de SO seguro. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad"
}
],
"id": "CVE-2021-46789",
"lastModified": "2024-11-21T06:34:43.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T15:15:08.617",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Verificaci\u00f3n de Entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de una comprobaci\u00f3n de entrada insuficiente puede causar que el sistema se reinicie"
}
],
"id": "CVE-2021-22349",
"lastModified": "2024-11-21T05:49:57.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.797",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una direcci\u00f3n de memoria fuera de l\u00edmites en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo malicioso.\n"
}
],
"id": "CVE-2021-22426",
"lastModified": "2024-11-21T05:50:06.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:09.207",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38993",
"lastModified": "2024-11-21T07:17:19.937",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.667",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio de algunos servicios"
}
],
"id": "CVE-2021-37047",
"lastModified": "2024-11-21T06:14:33.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.537",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 18:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22446",
"lastModified": "2024-11-21T05:50:08.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T18:15:08.607",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 14:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Errores de Administraci\u00f3n de Claves en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad, la disponibilidad y la integridad del servicio"
}
],
"id": "CVE-2021-22375",
"lastModified": "2024-11-21T05:50:00.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T14:15:08.657",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Inyecci\u00f3n de C\u00f3digo en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a un reinicio del sistema"
}
],
"id": "CVE-2021-37097",
"lastModified": "2024-11-21T06:14:38.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:10.023",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar DoS de las aplicaciones durante la colaboraci\u00f3n multipantalla."
}
],
"id": "CVE-2021-22394",
"lastModified": "2024-11-21T05:50:02.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:08.927",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de nombres de campo No Estandarizados en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-37034",
"lastModified": "2024-11-21T06:14:31.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.880",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38979",
"lastModified": "2024-11-21T07:17:18.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una lectura y escritura no autorizada de algunos archivos.\n"
}
],
"id": "CVE-2021-22448",
"lastModified": "2024-11-21T05:50:08.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:10.770",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "Los comandos AT del puerto USB tienen una vulnerabilidad de lectura fuera de l\u00edmites. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-34743",
"lastModified": "2024-11-21T07:10:06.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.570",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en algunos tel\u00e9fonos inteligentes Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones en el proceso durante la actualizaci\u00f3n."
}
],
"id": "CVE-2020-9138",
"lastModified": "2024-11-21T05:40:06.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:13.880",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Falta de Autenticaci\u00f3n para una Funci\u00f3n Cr\u00edtica en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede perjudicar la confidencialidad de los datos"
}
],
"id": "CVE-2021-22322",
"lastModified": "2024-11-21T05:49:54.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T16:15:11.407",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de activaci\u00f3n de voz presenta una vulnerabilidad de uso de cadenas de formato controladas externamente. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-31753",
"lastModified": "2024-11-21T07:05:14.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.620",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de SO seguro tiene defectos de configuraci\u00f3n. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar a la confidencialidad de los datos."
}
],
"id": "CVE-2022-38988",
"lastModified": "2024-11-21T07:17:19.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.477",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la filtraci\u00f3n de los datos de los clics del usuario"
}
],
"id": "CVE-2021-22337",
"lastModified": "2024-11-21T05:49:56.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T20:15:08.530",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Settings presenta una vulnerabilidad de omisi\u00f3n de la experiencia out-of-box (OOBE). Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2022-37004",
"lastModified": "2024-11-21T07:14:15.987",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:04.263",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de manipulaci\u00f3n de Registros en Huawei Smartphone que puede permitir la modificaci\u00f3n del valor del registro"
}
],
"id": "CVE-2021-37001",
"lastModified": "2024-11-21T06:14:28.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:11.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup."
},
{
"lang": "es",
"value": "El m\u00f3dulo iAware presenta una vulnerabilidad en la administraci\u00f3n de aplicaciones maliciosas. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 que las aplicaciones maliciosas sean iniciadas autom\u00e1ticamente al arrancar el sistema"
}
],
"id": "CVE-2022-39000",
"lastModified": "2024-11-21T07:17:20.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.900",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation."
},
{
"lang": "es",
"value": "El m\u00f3dulo AMS presenta una vulnerabilidad en la comprobaci\u00f3n de entradas. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una escalada de privilegios"
}
],
"id": "CVE-2022-31762",
"lastModified": "2024-11-21T07:05:15.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.423",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de que la memoria no es liberada despu\u00e9s del tiempo de vida efectivo en el m\u00f3dulo Bastet. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad"
}
],
"id": "CVE-2021-40047",
"lastModified": "2024-11-21T06:23:27.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:16.463",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo del sistema presenta una vulnerabilidad de lectura/escritura. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-34742",
"lastModified": "2024-11-21T07:10:06.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.533",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-01 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad del mecanismo de omisi\u00f3n de aplicaciones en la interfaz de un componente del Smartphone Huawei.\u0026#xa0;Los atacantes locales pueden explotar esta vulnerabilidad para eliminar los mensajes SMS de los usuarios."
}
],
"id": "CVE-2020-9148",
"lastModified": "2024-11-21T05:40:08.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-01T18:15:12.480",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de C\u00f3digo en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede agotar los recursos del sistema y causar el reinicio del mismo"
}
],
"id": "CVE-2021-36985",
"lastModified": "2024-11-21T06:14:26.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38989",
"lastModified": "2024-11-21T07:17:19.440",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.513",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un DoS en el Bluetooth"
}
],
"id": "CVE-2021-37039",
"lastModified": "2024-11-21T06:14:32.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.210",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Control Inapropiado de Generaci\u00f3n de C\u00f3digo en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la negaci\u00f3n de los servicios de seguridad en un dispositivo rooted"
}
],
"id": "CVE-2021-22336",
"lastModified": "2024-11-21T05:49:56.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T17:15:07.923",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n de Entrada en el Smartphone de Huawei, Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar acceso a direcciones aleatorias"
}
],
"id": "CVE-2021-22443",
"lastModified": "2024-11-21T05:50:08.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de falta de autenticaci\u00f3n en algunos tel\u00e9fonos inteligentes de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una exposici\u00f3n de informaci\u00f3n poco confidencial."
}
],
"id": "CVE-2020-9143",
"lastModified": "2024-11-21T05:40:07.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:14.177",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice."
},
{
"lang": "es",
"value": "Una vulnerabilidad de doble liberaci\u00f3n en el m\u00f3dulo de almacenamiento. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 que la memoria sea liberada dos veces"
}
],
"id": "CVE-2022-39002",
"lastModified": "2024-11-21T07:17:21.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.977",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
},
{
"lang": "es",
"value": "El m\u00f3dulo NFC presenta una vulnerabilidad de desbordamiento de b\u00fafer. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones en el registro, eliminaci\u00f3n y activaci\u00f3n de tarjetas NFC"
}
],
"id": "CVE-2022-34741",
"lastModified": "2024-11-21T07:10:06.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.493",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de manipulaci\u00f3n del kernel en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede escalar los permisos"
}
],
"id": "CVE-2021-36986",
"lastModified": "2024-11-21T06:14:26.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.400",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en el m\u00f3dulo AOD de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-40009",
"lastModified": "2024-11-21T06:23:22.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.310",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo kernel emcom presenta contenci\u00f3n multihilo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-31751",
"lastModified": "2024-11-21T07:05:13.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.047",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38991",
"lastModified": "2024-11-21T07:17:19.687",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.590",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:46
Severity ?
Summary
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege."
},
{
"lang": "es",
"value": "El m\u00f3dulo Wi-Fi presenta una vulnerabilidad de notificaci\u00f3n de eventos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir a las aplicaciones de terceros interceptar las notificaciones de eventos y a\u00f1adir informaci\u00f3n y resultar en una elevaci\u00f3n de privilegios"
}
],
"id": "CVE-2022-22258",
"lastModified": "2024-11-21T06:46:30.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.747",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad cuando es configurado el aislamiento de permisos en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites.\n"
}
],
"id": "CVE-2021-22431",
"lastModified": "2024-11-21T05:50:06.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:09.833",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de DoS en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del servicio.\n"
}
],
"id": "CVE-2021-22489",
"lastModified": "2024-11-21T05:50:12.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:11.340",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Condici\u00f3n de Carrera en Time-of-check Time-of-use (TOCTOU) en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede escalar el permiso hasta el del usuario root"
}
],
"id": "CVE-2021-22369",
"lastModified": "2024-11-21T05:49:59.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.380",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality."
},
{
"lang": "es",
"value": "Una vulnerabilidad de autorizaci\u00f3n faltante en los componentes del sistema. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad"
}
],
"id": "CVE-2022-31752",
"lastModified": "2024-11-21T07:05:13.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.570",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n de Entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un bucle infinito en DoS"
}
],
"id": "CVE-2021-22381",
"lastModified": "2024-11-21T05:50:00.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.670",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP, presenta una vulnerabilidad de p\u00e9rdida de memoria. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar p\u00e9rdidas de memoria"
}
],
"id": "CVE-2022-39005",
"lastModified": "2024-11-21T07:17:21.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.090",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2025-09-08 19:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files."
},
{
"lang": "es",
"value": "El m\u00f3dulo AOD presenta una vulnerabilidad en la asignaci\u00f3n de permisos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una escalada de permisos y el acceso no autorizado a los archivos"
}
],
"id": "CVE-2022-37003",
"lastModified": "2025-09-08T19:15:33.170",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-08-10T20:16:04.073",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de comprobaci\u00f3n inapropiada de entrada en algunos tel\u00e9fonos inteligentes de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar errores de acceso a la memoria y denegaci\u00f3n de servicio."
}
],
"id": "CVE-2020-9139",
"lastModified": "2024-11-21T05:40:07.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T22:15:13.943",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 20:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de acceso inadecuado en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar redireccionamientos de aplicaciones"
}
],
"id": "CVE-2021-22334",
"lastModified": "2024-11-21T05:49:55.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T20:15:08.470",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de enteros en el m\u00f3dulo atcmdserver. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad"
}
],
"id": "CVE-2021-40054",
"lastModified": "2024-11-21T06:23:28.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:20.147",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 06:34
Severity ?
Summary
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "video framework presenta una vulnerabilidad de lectura/escritura de memoria fuera de l\u00edmites. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2021-46814",
"lastModified": "2024-11-21T06:34:45.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:09.893",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso a direcciones no v\u00e1lidas en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del dispositivo"
}
],
"id": "CVE-2021-37037",
"lastModified": "2024-11-21T06:14:32.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.147",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 18:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n de Entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22445",
"lastModified": "2024-11-21T05:50:08.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T18:15:08.543",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer debido a un error de l\u00edmites con el servidor Samba en el m\u00f3dulo file management en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del funcionamiento"
}
],
"id": "CVE-2021-40035",
"lastModified": "2024-11-21T06:23:25.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:22.360",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Parameter verification issue in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Parameter verification issue in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
},
{
"lang": "es",
"value": "Se presenta un problema de verificaci\u00f3n de Par\u00e1metros en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-36988",
"lastModified": "2024-11-21T06:14:26.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.487",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de consumo incontrolado de recursos en el m\u00f3dulo de visualizaci\u00f3n. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la integridad"
}
],
"id": "CVE-2021-40011",
"lastModified": "2024-11-21T06:23:22.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.407",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de l\u00f3gica de Servicio en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar WLAN DoS"
}
],
"id": "CVE-2021-37117",
"lastModified": "2024-11-21T06:14:40.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.347",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad cuando es configurado el aislamiento de permisos en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites.\n"
}
],
"id": "CVE-2021-22432",
"lastModified": "2024-11-21T05:50:07.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:10.007",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38997",
"lastModified": "2024-11-21T07:17:20.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.820",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta un C\u00e1lculo Incorrecto del Tama\u00f1o del B\u00fafer en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22391",
"lastModified": "2024-11-21T05:50:02.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.983",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:46
Severity ?
Summary
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo DFX presenta una vulnerabilidad de control de acceso. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-22256",
"lastModified": "2024-11-21T06:46:30.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.657",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desreferencia de puntero null en el m\u00f3dulo camera de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-40039",
"lastModified": "2024-11-21T06:23:26.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:22.937",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n heap y en la regi\u00f3n stack de la memoria en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40057",
"lastModified": "2024-11-21T06:23:29.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:21.850",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Permisos Inapropiados en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-37030",
"lastModified": "2024-11-21T06:14:31.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.707",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 16:15
Modified
2024-11-21 06:46
Severity ?
Summary
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability."
},
{
"lang": "es",
"value": "El m\u00f3dulo DFX presenta una vulnerabilidad UAF. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del sistema"
}
],
"id": "CVE-2022-22252",
"lastModified": "2024-11-21T06:46:29.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T16:15:08.233",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de variable no Inicializada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una transmisi\u00f3n de datos no v\u00e1lidos"
}
],
"id": "CVE-2021-22482",
"lastModified": "2024-11-21T05:50:12.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.990",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-909"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso no autorizado a archivos en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad mediante la modificaci\u00f3n de enlaces blandos puede alterar los archivos restaurados desde las copias de seguridad"
}
],
"id": "CVE-2021-36995",
"lastModified": "2024-11-21T06:14:27.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.787",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 17:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C38573A5-D1E0-4E8D-AD3F-E369743DA857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar que los procesos de aplicaciones maliciosas ocupen los recursos del sistema"
}
],
"id": "CVE-2021-37043",
"lastModified": "2024-11-21T06:14:32.883",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T17:15:08.387",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:15
Modified
2024-11-21 06:23
Severity ?
Summary
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability."
},
{
"lang": "es",
"value": "video framework presenta una vulnerabilidad de sobreescritura de memoria causada por desbordamiento de adici\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40034",
"lastModified": "2024-11-21T06:23:25.733",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:15:22.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 06:23
Severity ?
Summary
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity."
},
{
"lang": "es",
"value": "Vulnerabilidad de control de permisos inapropiados en el m\u00f3dulo de Bluetooth: una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la integridad"
}
],
"id": "CVE-2021-40013",
"lastModified": "2024-11-21T06:23:22.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:14.720",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en los componentes del sistema. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del sistema"
}
],
"id": "CVE-2021-40064",
"lastModified": "2024-11-21T06:23:30.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:24.960",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de ataque de Inyecci\u00f3n en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-37033",
"lastModified": "2024-11-21T06:14:31.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.833",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-10 14:15
Modified
2024-11-21 05:50
Severity ?
Summary
A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution."
},
{
"lang": "es",
"value": "Un componente del smartphone de Huawei, presenta una vulnerabilidad de Control Externo del Sistema o de los Ajustes de Configuraci\u00f3n. Unos atacantes locales pueden explotar esta vulnerabilidad para causar una Ejecuci\u00f3n de C\u00f3digo del Kernel"
}
],
"id": "CVE-2021-22385",
"lastModified": "2024-11-21T05:50:01.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-10T14:15:07.173",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Broken Link"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede resultar a la interceptaci\u00f3n de flujos de v\u00eddeo durante la transmisi\u00f3n"
}
],
"id": "CVE-2021-22325",
"lastModified": "2024-11-21T05:49:54.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T17:15:07.893",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Limpieza Incompleta en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar una omisi\u00f3n de la autenticaci\u00f3n"
}
],
"id": "CVE-2021-22428",
"lastModified": "2024-11-21T05:50:06.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.440",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de suplantaci\u00f3n de identidad y omisi\u00f3n de autenticaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-37054",
"lastModified": "2024-11-21T06:14:34.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.700",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de DoS remoto en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 una salida no esperada de la aplicaci\u00f3n"
}
],
"id": "CVE-2021-37031",
"lastModified": "2024-11-21T06:14:31.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.750",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de Entrada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-22491",
"lastModified": "2024-11-21T05:50:13.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.307",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de Memoria en el m\u00f3dulo de detecci\u00f3n de c\u00f3decs en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del dispositivo debido al agotamiento de la memoria"
}
],
"id": "CVE-2021-37046",
"lastModified": "2024-11-21T06:14:33.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.497",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de la Funci\u00f3n de Seguridad en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede perjudicar la confidencialidad de los datos"
}
],
"id": "CVE-2021-22313",
"lastModified": "2024-11-21T05:49:53.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T16:15:11.323",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:23
Severity ?
Summary
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de comunicaci\u00f3n presenta una vulnerabilidad de error de l\u00f3gica de servicio. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2021-40065",
"lastModified": "2024-11-21T06:23:30.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:15.987",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad exitosa puede permitir intentos de lectura de una matriz que est\u00e1 fuera de l\u00edmites"
}
],
"id": "CVE-2021-36998",
"lastModified": "2024-11-21T06:14:28.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.913",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS."
},
{
"lang": "es",
"value": "Se presenta un problema de suplantaci\u00f3n de direcciones IP en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar DoS"
}
],
"id": "CVE-2021-22483",
"lastModified": "2024-11-21T05:50:12.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.050",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart."
},
{
"lang": "es",
"value": "Se presenta un problema de liberaci\u00f3n de nodos en la lista enlazada por m\u00faltiples veces en Huawei Smartphone debido a condiciones de carrera. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del sistema"
}
],
"id": "CVE-2021-36987",
"lastModified": "2024-11-21T06:14:26.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.443",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory | |
| nvd@nist.gov | https://consumer.huawei.com/om/support/bulletin/2021/10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de permisos Inapropiada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir intentos de obtener determinada informaci\u00f3n del dispositivo"
}
],
"id": "CVE-2021-37056",
"lastModified": "2024-11-21T06:14:34.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.617",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/om/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de control de permisos en el m\u00f3dulo Nearby.La explotaci\u00f3n exitosa de esta vulnerabilidad afectar\u00e1 la disponibilidad e integridad"
}
],
"id": "CVE-2021-40053",
"lastModified": "2024-11-21T06:23:28.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:19.430",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-01 11:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Control de Acceso Inapropiado en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar DoS temporal"
}
],
"id": "CVE-2021-22347",
"lastModified": "2024-11-21T05:49:57.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-01T11:15:07.423",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n de Entrada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una inyecci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2021-22444",
"lastModified": "2024-11-21T05:50:08.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.660",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de c\u00e1lculo de tama\u00f1o de b\u00fafer incorrecto en el marco de v\u00eddeo.La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40052",
"lastModified": "2024-11-21T06:23:28.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:18.923",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de derivaci\u00f3n l\u00f3gica en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una inyecci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2021-22430",
"lastModified": "2024-11-21T05:50:06.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:09.610",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de permisos en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del servicio"
}
],
"id": "CVE-2021-37044",
"lastModified": "2024-11-21T06:14:32.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.323",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-281"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de B\u00fafer en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad mediante el env\u00edo de im\u00e1genes maliciosas y la inducci\u00f3n de los usuarios a abrir las im\u00e1genes puede causar una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2021-36999",
"lastModified": "2024-11-21T06:14:28.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.953",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de errores de verificaci\u00f3n en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22481",
"lastModified": "2024-11-21T05:50:12.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.927",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 20:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos tel\u00e9fonos inteligentes Huawei.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso fuera de l\u00edmites a la memoria f\u00edsica."
}
],
"id": "CVE-2020-9145",
"lastModified": "2024-11-21T05:40:07.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T20:15:12.893",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:46
Severity ?
Summary
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability."
},
{
"lang": "es",
"value": "En el m\u00f3dulo DFX se presenta una vulnerabilidad de comprobaci\u00f3n inapropiada de los valores de comprobaci\u00f3n de integridad. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la estabilidad del sistema"
}
],
"id": "CVE-2022-22253",
"lastModified": "2024-11-21T06:46:29.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.523",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Administraci\u00f3n de Permisos en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-22371",
"lastModified": "2024-11-21T05:49:59.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.413",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA599BC0-D4A1-4A9E-A0F9-8FE30624AFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF1CA3A-3640-41AA-B856-75241BFC0EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Desbordamiento de Enteros en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22413",
"lastModified": "2024-11-21T05:50:04.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.267",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 17:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2021-37020",
"lastModified": "2024-11-21T06:14:30.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T17:15:08.303",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento del b\u00fafer en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad e integridad de los componentes confiables"
}
],
"id": "CVE-2022-39003",
"lastModified": "2024-11-21T07:17:21.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.013",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar una omisi\u00f3n de autenticaci\u00f3n"
}
],
"id": "CVE-2021-22427",
"lastModified": "2024-11-21T05:50:06.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.400",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Errores de Administraci\u00f3n de Credenciales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede inducir a los usuarios a conceder permisos en la modificaci\u00f3n de elementos en la tabla de configuraci\u00f3n, causando excepciones del sistema"
}
],
"id": "CVE-2021-22351",
"lastModified": "2024-11-21T05:49:57.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.867",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura de matriz fuera de l\u00edmites en el m\u00f3dulo security storage en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-40020",
"lastModified": "2024-11-21T06:23:23.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.557",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de configuraci\u00f3n presenta una vulnerabilidad de uso inapropiado de las API. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-31757",
"lastModified": "2024-11-21T07:05:14.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.723",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:15
Modified
2024-11-21 06:23
Severity ?
Summary
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura de datos a una direcci\u00f3n arbitraria en el m\u00f3dulo HW_KEYMASTER. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad"
}
],
"id": "CVE-2021-40040",
"lastModified": "2024-11-21T06:23:26.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:15:22.443",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background."
},
{
"lang": "es",
"value": "El m\u00f3dulo SystemUI presenta una vulnerabilidad en el control de permisos. Si esta vulnerabilidad es explotada con \u00e9xito, los usuarios no son conscientes del servicio que es ejecutado en segundo plano"
}
],
"id": "CVE-2022-34738",
"lastModified": "2024-11-21T07:10:05.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.377",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-38992",
"lastModified": "2024-11-21T07:17:19.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.630",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-01 12:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA599BC0-D4A1-4A9E-A0F9-8FE30624AFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF1CA3A-3640-41AA-B856-75241BFC0EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Malta de Psos Criptogr\u00e1ficos en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar DoS de Samgr"
}
],
"id": "CVE-2020-9158",
"lastModified": "2024-11-21T05:40:08.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-01T12:15:07.477",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/1/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 15:15
Modified
2024-11-21 06:59
Severity ?
Summary
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability."
},
{
"lang": "es",
"value": "Se presenta un defecto de configuraci\u00f3n en el bloqueo de activaci\u00f3n de los tel\u00e9fonos m\u00f3viles. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad de la aplicaci\u00f3n"
}
],
"id": "CVE-2022-29793",
"lastModified": "2024-11-21T06:59:41.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T15:15:09.937",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n Inapropiada del Valor de Comprobaci\u00f3n de Integridad en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22442",
"lastModified": "2024-11-21T05:50:08.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.567",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo chinadrm presenta una vulnerabilidad de lectura fuera de l\u00edmites. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2022-37007",
"lastModified": "2024-11-21T07:14:16.347",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:04.797",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso No autorizado a archivos en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad al modificar los enlaces blandos puede alterar los archivos restaurados de las copias de seguridad"
}
],
"id": "CVE-2021-22488",
"lastModified": "2024-11-21T05:50:12.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.227",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22472",
"lastModified": "2024-11-21T05:50:11.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.747",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de autenticaci\u00f3n en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22473",
"lastModified": "2024-11-21T05:50:11.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:09.790",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission."
},
{
"lang": "es",
"value": "Se presenta un defecto de Configuraci\u00f3n en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede elevar el permiso MEID (IMEI)"
}
],
"id": "CVE-2021-37121",
"lastModified": "2024-11-21T06:14:41.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.550",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 06:23
Severity ?
Summary
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality."
},
{
"lang": "es",
"value": "Una vulnerabilidad de uso incorrecto de punteros durante la transmisi\u00f3n de datos en video framework. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad"
}
],
"id": "CVE-2021-40012",
"lastModified": "2024-11-21T06:23:22.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:14.680",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-10 14:15
Modified
2024-11-21 05:50
Severity ?
Summary
A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges."
},
{
"lang": "es",
"value": "Un componente del smartphone de Huawei, presenta una vulnerabilidad de Double Liberaci\u00f3n. Unos atacantes locales pueden explotar esta vulnerabilidad para causar una Elevaci\u00f3n de Privilegios de Root"
}
],
"id": "CVE-2021-22386",
"lastModified": "2024-11-21T05:50:01.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-10T14:15:07.213",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Third Party Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de SSID en las conexiones de red Wi-Fi de los dispositivos Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22485",
"lastModified": "2024-11-21T05:50:12.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.103",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 05:29
Severity ?
Summary
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura fuera de l\u00edmites en el m\u00f3dulo de consumo de energ\u00eda. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del sistema"
}
],
"id": "CVE-2020-36600",
"lastModified": "2024-11-21T05:29:51.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.347",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP, presenta una vulnerabilidad de p\u00e9rdida de memoria. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar p\u00e9rdidas de memoria"
}
],
"id": "CVE-2022-39004",
"lastModified": "2024-11-21T07:17:21.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.053",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-01 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Control de Acceso inapropiado en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un DoS temporal"
}
],
"id": "CVE-2021-22344",
"lastModified": "2024-11-21T05:49:56.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-01T12:15:07.553",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Control de Permisos en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de determinados c\u00f3digos"
}
],
"id": "CVE-2021-22389",
"lastModified": "2024-11-21T05:50:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.883",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Excepci\u00f3n No Capturada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 una salida no esperada de la aplicaci\u00f3n"
}
],
"id": "CVE-2021-22406",
"lastModified": "2024-11-21T05:50:03.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.680",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de c\u00e1lculo incorrecto del tama\u00f1o del b\u00fafer en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la disponibilidad"
}
],
"id": "CVE-2021-40048",
"lastModified": "2024-11-21T06:23:27.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:17.003",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso a recursos usando un tipo no compatible (confusi\u00f3n de tipos) en el subsistema MPTCP en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el bloqueo y el reinicio del sistema"
}
],
"id": "CVE-2021-40037",
"lastModified": "2024-11-21T06:23:26.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:22.520",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de DoS en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar ataques de DoS"
}
],
"id": "CVE-2021-22402",
"lastModified": "2024-11-21T05:50:03.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.480",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 18:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22447",
"lastModified": "2024-11-21T05:50:08.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T18:15:08.643",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 06:34
Severity ?
Summary
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity."
},
{
"lang": "es",
"value": "El marco b\u00e1sico y el m\u00f3dulo de configuraci\u00f3n tienen defectos, que fueron introducidos durante el dise\u00f1o. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del sistema"
}
],
"id": "CVE-2021-46741",
"lastModified": "2024-11-21T06:34:36.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:14.857",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de condici\u00f3n de carrera en el subsistema del controlador del binder en el kernel. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del kernel"
}
],
"id": "CVE-2021-40015",
"lastModified": "2024-11-21T06:23:23.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.313",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality."
},
{
"lang": "es",
"value": "Defectos de configuraci\u00f3n en el m\u00f3dulo de SO seguro. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad"
}
],
"id": "CVE-2022-31761",
"lastModified": "2024-11-21T07:05:15.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.820",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 07:10
Severity ?
Summary
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings."
},
{
"lang": "es",
"value": "El m\u00f3dulo de huellas dactilares presenta una vulnerabilidad de desbordamiento en la suma aritm\u00e9tica. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede resultar en la adquisici\u00f3n de datos de direcciones desconocidas en los mapeos de direcciones"
}
],
"id": "CVE-2022-34739",
"lastModified": "2024-11-21T07:10:05.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:19.417",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una direcci\u00f3n de memoria fuera de l\u00edmites en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo malicioso.\n"
}
],
"id": "CVE-2021-22433",
"lastModified": "2024-11-21T05:50:07.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:10.157",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40060",
"lastModified": "2024-11-21T06:23:29.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:23.250",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
},
{
"lang": "es",
"value": "Los cuadros de di\u00e1logo pueden seguir apareciendo aunque la pantalla est\u00e9 bloqueada en los servicios USSD personalizados del operador. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad y confidencialidad de los datos"
}
],
"id": "CVE-2022-31760",
"lastModified": "2024-11-21T07:05:15.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.770",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de copia del b\u00fafer de entrada sin comprobar su tama\u00f1o en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40056",
"lastModified": "2024-11-21T06:23:28.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:21.363",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly."
},
{
"lang": "es",
"value": "Se presenta un error de memoria baja en Huawei Smartphone debido al tama\u00f1o ilimitado de las im\u00e1genes que se analizan. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una salida no esperada de la aplicaci\u00f3n Gallery o Files"
}
],
"id": "CVE-2021-36997",
"lastModified": "2024-11-21T06:14:27.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.873",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:20
Severity ?
Summary
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de las API que son llamadas simult\u00e1neamente varias veces en HwConnectivityExService en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el bloqueo y el reinicio del sistema"
}
],
"id": "CVE-2021-39998",
"lastModified": "2024-11-21T06:20:42.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:20.877",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:15
Modified
2024-11-21 06:23
Severity ?
Summary
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n My HUAWEI presenta un defecto de dise\u00f1o. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2021-40030",
"lastModified": "2024-11-21T06:23:25.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:15:22.347",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vE194ulnerabilidad de control de permisos en el m\u00f3dulo Wi-Fi. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad"
}
],
"id": "CVE-2021-40059",
"lastModified": "2024-11-21T06:23:29.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:22.803",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE0AFB0-A112-484B-BEAD-A7F1BDDCE313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart."
},
{
"lang": "es",
"value": "El m\u00f3dulo MPTCP presenta una vulnerabilidad de condici\u00f3n de carrera. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del dispositivo"
}
],
"id": "CVE-2022-39006",
"lastModified": "2024-11-21T07:17:21.667",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:18.133",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-13 19:15
Modified
2024-11-21 05:40
Severity ?
Summary
There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de pila en algunos tel\u00e9fonos inteligentes Huawei, los atacantes pueden explotar esta vulnerabilidad para causar desbordamientos de la pila debido a una restricci\u00f3n inapropiada de operaciones dentro de los l\u00edmites de un b\u00fafer de la memoria."
}
],
"id": "CVE-2020-9144",
"lastModified": "2024-11-21T05:40:07.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T19:15:17.057",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:20
Severity ?
Summary
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso No Autorizado a archivos en los Smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-39969",
"lastModified": "2024-11-21T06:20:39.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:10.093",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 06:34
Severity ?
Summary
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Una vulnerabilidad de que los archivos residuales no son eliminados tras una actualizaci\u00f3n en el m\u00f3dulo ChinaDRM. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-46813",
"lastModified": "2024-11-21T06:34:45.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.190",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory | |
| nvd@nist.gov | https://consumer.huawei.com/om/support/bulletin/2021/10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en el Smartphone de Huawei, Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2021-37042",
"lastModified": "2024-11-21T06:14:32.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T16:15:07.457",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/om/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist."
},
{
"lang": "es",
"value": "Se presenta un problema de inserci\u00f3n repetida de cadenas confiable en la lista enlazada en Huawei Smartphone debido a condiciones de carrera. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar excepciones cuando es administrada la lista confiable del sistema"
}
],
"id": "CVE-2021-36994",
"lastModified": "2024-11-21T06:14:27.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.740",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso a recursos utilizando un tipo incompatible (confusi\u00f3n de tipos) en el m\u00f3dulo Bastet. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad"
}
],
"id": "CVE-2021-40061",
"lastModified": "2024-11-21T06:23:29.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:23.707",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability."
},
{
"lang": "es",
"value": "El m\u00f3dulo recovery presenta una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de un paquete de actualizaci\u00f3n antes de su uso. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la estabilidad del sistema"
}
],
"id": "CVE-2022-37008",
"lastModified": "2024-11-21T07:14:16.467",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:04.967",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Divulgaci\u00f3n de Informaci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2021-22354",
"lastModified": "2024-11-21T05:49:57.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T18:15:08.473",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-843"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Public key verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Public key verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de clave P\u00fablica en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-36992",
"lastModified": "2024-11-21T06:14:27.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.657",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-01 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Defecto de Configuraci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad y disponibilidad del servicio"
}
],
"id": "CVE-2021-22343",
"lastModified": "2024-11-21T05:49:56.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-01T12:15:07.517",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Omisi\u00f3n en Huawei Smartphone.Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 que la Balanza Digital no funcione"
}
],
"id": "CVE-2021-37032",
"lastModified": "2024-11-21T06:14:31.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.790",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de p\u00e9rdida de Memoria en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el agotamiento de la memoria"
}
],
"id": "CVE-2021-37111",
"lastModified": "2024-11-21T06:14:40.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.057",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de L\u00edmite de Funcionamiento Inapropiado del B\u00fafer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2021-22348",
"lastModified": "2024-11-21T05:49:57.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.760",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 16:15
Modified
2024-11-21 07:05
Severity ?
Summary
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features."
},
{
"lang": "es",
"value": "Defectos l\u00f3gicos en la implementaci\u00f3n del c\u00f3digo en algunos productos. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad de algunas funciones"
}
],
"id": "CVE-2022-31754",
"lastModified": "2024-11-21T07:05:14.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T16:15:08.670",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-01 18:15
Modified
2024-11-21 05:40
Severity ?
Summary
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/cn/support/bulletin/2021/1 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de error de b\u00fafer de la memoria en la interfaz de un componente del Smartphone Huawei.\u0026#xa0;Los atacantes locales pueden explotar esta vulnerabilidad para causar p\u00e9rdidas de la memoria y ataques de denegaci\u00f3n de servicio mediante la construcci\u00f3n cuidadosa de escenarios de ataque."
}
],
"id": "CVE-2020-9146",
"lastModified": "2024-11-21T05:40:08.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-01T18:15:12.293",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de L\u00edmite de Funcionamiento Inapropiado del B\u00fafer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que el dispositivo se bloquee y se reinicie"
}
],
"id": "CVE-2021-22350",
"lastModified": "2024-11-21T05:49:57.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.830",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2025-05-22 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de obtenci\u00f3n de informaci\u00f3n de difusi\u00f3n inapropiada debido a una configuraci\u00f3n inapropiada de los permisos de difusi\u00f3n en los Smartphones.El aprovechamiento de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-39967",
"lastModified": "2025-05-22T19:15:25.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-03T22:15:10.000",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-10 20:16
Modified
2024-11-21 07:14
Severity ?
Summary
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background."
},
{
"lang": "es",
"value": "El m\u00f3dulo SystemUI presenta una vulnerabilidad de escalada de privilegios. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que aplicaciones maliciosas abran ventanas o sean ejecutadas en segundo plano"
}
],
"id": "CVE-2022-37002",
"lastModified": "2024-11-21T07:14:15.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-10T20:16:03.777",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de L\u00edmite de Funcionamiento Inapropiado del B\u00fafer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar el reinicio del kernel"
}
],
"id": "CVE-2021-22353",
"lastModified": "2024-11-21T05:49:57.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T18:15:08.437",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 14:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de las Funcionalidades de Seguridad en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-22372",
"lastModified": "2024-11-21T05:49:59.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T14:15:08.623",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38990",
"lastModified": "2024-11-21T07:17:19.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.553",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de control de permisos en el m\u00f3dulo PMS. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una obtenci\u00f3n de informaci\u00f3n confidencial del sistema sin autorizaci\u00f3n"
}
],
"id": "CVE-2021-40049",
"lastModified": "2024-11-21T06:23:28.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:17.500",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Control de Permisos en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar el uso normal del dispositivo"
}
],
"id": "CVE-2021-22368",
"lastModified": "2024-11-21T05:49:59.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T18:15:08.540",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Defecto de Configuraci\u00f3n en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad y disponibilidad del servicio"
}
],
"id": "CVE-2021-22435",
"lastModified": "2024-11-21T05:50:07.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.480",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de manipulaci\u00f3n del kernel en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede escalar los permisos"
}
],
"id": "CVE-2021-36990",
"lastModified": "2024-11-21T06:14:27.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.573",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 15:15
Modified
2024-11-21 06:34
Severity ?
Summary
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash."
},
{
"lang": "es",
"value": "El m\u00f3dulo AMS presenta una vulnerabilidad de control de permisos inapropiada. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar que los procesos de aplicaciones no relacionadas con el sistema sean bloqueados"
}
],
"id": "CVE-2021-46787",
"lastModified": "2024-11-21T06:34:43.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T15:15:08.523",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad DoS en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad del servicio.\n"
}
],
"id": "CVE-2021-37027",
"lastModified": "2024-11-21T06:14:31.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:11.727",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de encriptaci\u00f3n de datos confidenciales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-37050",
"lastModified": "2024-11-21T06:14:33.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.480",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Errores de Administraci\u00f3n de Credenciales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a que la confidencialidad est\u00e9 afectada"
}
],
"id": "CVE-2021-37075",
"lastModified": "2024-11-21T06:14:36.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.867",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Control Inapropiado de la Administraci\u00f3n Din\u00e1mica de los Recursos de C\u00f3digo en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir que se intenten ejecutar comandos remotamente"
}
],
"id": "CVE-2021-22387",
"lastModified": "2024-11-21T05:50:01.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:13.783",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-913"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 14:15
Modified
2024-11-21 06:23
Severity ?
Summary
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de permisos inapropiada en el m\u00f3dulo de Bluetooth. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad afectar\u00e1 a la confidencialidad"
}
],
"id": "CVE-2021-40016",
"lastModified": "2024-11-21T06:23:23.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T14:15:14.760",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-07 17:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el Smartphone de Huawei, Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una lectura fuera de l\u00edmites"
}
],
"id": "CVE-2021-37021",
"lastModified": "2024-11-21T06:14:30.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-07T17:15:08.343",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:20
Severity ?
Summary
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una lectura fuera de l\u00edmites en los Smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-39974",
"lastModified": "2024-11-21T06:20:39.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:10.333",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality."
},
{
"lang": "es",
"value": "El m\u00f3dulo del sensor de huellas dactilares presenta defectos de dise\u00f1o. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad de los datos"
}
],
"id": "CVE-2022-31756",
"lastModified": "2024-11-21T07:05:14.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.150",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de secuestro de proveedores no verificados en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede permitir a atacantes secuestrar el dispositivo y falsificar las Interfaces de Usuario para inducir a los usuarios a ejecutar comandos maliciosos"
}
],
"id": "CVE-2021-22403",
"lastModified": "2024-11-21T05:50:03.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.530",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta un defecto de dise\u00f1o de Sincronizaci\u00f3n en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-37110",
"lastModified": "2024-11-21T06:14:39.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.000",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de fallo del mecanismo de verificaci\u00f3n de firmas en la actualizaci\u00f3n del sistema mediante el modo de recuperaci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-40045",
"lastModified": "2024-11-21T06:23:27.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.397",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:23
Severity ?
Summary
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de permisos en el m\u00f3dulo Bluetooth. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar operaciones no autorizadas"
}
],
"id": "CVE-2021-40044",
"lastModified": "2024-11-21T06:23:27.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:16.357",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Doble liberaci\u00f3n en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un bloqueo del kernel o una escalada de privilegios"
}
],
"id": "CVE-2021-37120",
"lastModified": "2024-11-21T06:14:41.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.500",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en el m\u00f3dulo IFAA. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar desbordamiento de pila"
}
],
"id": "CVE-2021-40050",
"lastModified": "2024-11-21T06:23:28.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:17.980",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de enteros en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de estas vulnerabilidades puede escalar el permiso al del usuario root"
}
],
"id": "CVE-2021-22323",
"lastModified": "2024-11-21T05:49:54.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.323",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Omisi\u00f3n L\u00f3gica en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad y disponibilidad del servicio"
}
],
"id": "CVE-2021-22436",
"lastModified": "2024-11-21T05:50:07.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.773",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 21:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Administraci\u00f3n de Permisos Inapropiada en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede conllevar a una divulgaci\u00f3n de los h\u00e1bitos del usuario"
}
],
"id": "CVE-2021-22346",
"lastModified": "2024-11-21T05:49:57.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T21:15:09.717",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-02 17:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA599BC0-D4A1-4A9E-A0F9-8FE30624AFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF1CA3A-3640-41AA-B856-75241BFC0EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Errores de Buffer de Memoria en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar al sistema reiniciarse"
}
],
"id": "CVE-2021-22414",
"lastModified": "2024-11-21T05:50:04.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-02T17:15:14.313",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desreferencia de puntero null en el m\u00f3dulo camera de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-40031",
"lastModified": "2024-11-21T06:23:25.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.987",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Salto de Directorio en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-22404",
"lastModified": "2024-11-21T05:50:03.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:08.580",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n de Identidad en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-37029",
"lastModified": "2024-11-21T06:14:31.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.667",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-25 19:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio."
}
],
"id": "CVE-2021-22395",
"lastModified": "2024-11-21T05:50:02.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-25T19:15:09.070",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de verificaci\u00f3n inapropiada en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar la transmisi\u00f3n de determinada informaci\u00f3n virtual"
}
],
"id": "CVE-2021-36996",
"lastModified": "2024-11-21T06:14:27.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.830",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-03 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Errores de L\u00f3gica de Negocio en el Smartphone de Huawei. Las aplicaciones maliciosas instaladas en el dispositivo pueden seguir realizando capturas de pantalla en segundo plano. Este problema no causa errores en el sistema, pero puede causar un filtrado de informaci\u00f3n personal"
}
],
"id": "CVE-2021-22308",
"lastModified": "2024-11-21T05:49:52.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-03T16:15:10.753",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@huawei.com | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory | |
| psirt@huawei.com | https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | Vendor Advisory | |
| nvd@nist.gov | https://consumer.huawei.com/en/support/bulletin/2021/10/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://consumer.huawei.com/en/support/bulletin/2021/9/ | Not Applicable, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de l\u00f3gica de servicio en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una DoS de WLAN"
}
],
"id": "CVE-2021-37053",
"lastModified": "2024-11-21T06:14:33.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.647",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-03 22:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "940801A5-523C-40D6-BB43-25BC78ADDE61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6D0F53-9E85-4877-B558-4F5FB1F865D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49E5FFC0-53B4-4A34-8A23-BC70AA565703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de Privilegios con el componente del sistema de archivos en el Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la confidencialidad del servicio"
}
],
"id": "CVE-2021-37113",
"lastModified": "2024-11-21T06:14:40.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-03T22:15:09.170",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:23
Severity ?
Summary
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria en el m\u00f3dulo AOD de los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad del servicio"
}
],
"id": "CVE-2021-40026",
"lastModified": "2024-11-21T06:23:24.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:21.760",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-10 14:10
Modified
2024-11-21 06:20
Severity ?
Summary
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de b\u00fafer basada en Heap con el m\u00f3dulo NFC en los smartphones. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un desbordamiento de memoria"
}
],
"id": "CVE-2021-39996",
"lastModified": "2024-11-21T06:20:42.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-10T14:10:20.823",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2024-11-21 06:46
Severity ?
Summary
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity."
},
{
"lang": "es",
"value": "Customization framework presenta una vulnerabilidad de control de permisos inapropiada. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad de los datos"
}
],
"id": "CVE-2022-22257",
"lastModified": "2024-11-21T06:46:30.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-11T20:15:19.703",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "AppLink presenta una vulnerabilidad de acceso a punteros no inicializados. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del sistema"
}
],
"id": "CVE-2022-31759",
"lastModified": "2024-11-21T07:05:15.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T15:15:10.337",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-23 16:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de DoS Remota en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad causar\u00e1 una salida no esperada de la aplicaci\u00f3n"
}
],
"id": "CVE-2021-37035",
"lastModified": "2024-11-21T06:14:32.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-23T16:15:09.933",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 05:50
Severity ?
Summary
There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la disponibilidad del servicio"
}
],
"id": "CVE-2021-22487",
"lastModified": "2024-11-21T05:50:12.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.187",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso no autorizado a archivos en Huawei Smartphone debido a una entrada de rutas no estandarizadas. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad mediante la creaci\u00f3n de rutas de archivos maliciosas puede causar el acceso no autorizado a archivos"
}
],
"id": "CVE-2021-36991",
"lastModified": "2024-11-21T06:14:27.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:10.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de copia del b\u00fafer de entrada sin comprobar su tama\u00f1o en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40062",
"lastModified": "2024-11-21T06:23:29.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:24.123",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 14:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Se presenta una Vulnerabilidad de Errores de Administraci\u00f3n de Credenciales en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la confidencialidad del servicio"
}
],
"id": "CVE-2021-22370",
"lastModified": "2024-11-21T05:49:59.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T14:15:08.590",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-12-08 15:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0CF45-FF48-42DF-9063-34AB6CA4FE12",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de par\u00e1metros en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una escalada de privilegios en los archivos tras el montaje de recursos compartidos CIFS"
}
],
"id": "CVE-2021-37040",
"lastModified": "2024-11-21T06:14:32.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T15:15:09.267",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria en el marco de v\u00eddeo. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad"
}
],
"id": "CVE-2021-40058",
"lastModified": "2024-11-21T06:23:29.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:22.340",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-28 13:15
Modified
2024-11-21 06:14
Severity ?
Summary
There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de acceso a la Memoria fuera de l\u00edmites en Huawei Smartphone. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar una ejecuci\u00f3n de c\u00f3digo malicioso"
}
],
"id": "CVE-2021-37002",
"lastModified": "2024-11-21T06:14:28.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-28T13:15:11.460",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 05:29
Severity ?
Summary
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escritura fuera de l\u00edmites en los m\u00f3dulos del kernel. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un reinicio de p\u00e1nico"
}
],
"id": "CVE-2020-36601",
"lastModified": "2024-11-21T05:29:52.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:11.407",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-30 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Defectos Introducidos en el Proceso de Dise\u00f1o en el Smartphone de Huawei. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la integridad y disponibilidad del servicio"
}
],
"id": "CVE-2021-22373",
"lastModified": "2024-11-21T05:49:59.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-30T15:15:10.443",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:43
Modified
2024-11-21 06:23
Severity ?
Summary
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "504F2E73-FFD0-4589-8644-FE77656BB28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A4346-1757-48F9-827C-13EABC357302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de ataque de tipo man-in-the-middle durante la descarga de actualizaciones del sistema en modo de recuperaci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar la integridad"
}
],
"id": "CVE-2021-40055",
"lastModified": "2024-11-21T06:23:28.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:43:20.810",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-13 15:15
Modified
2024-11-21 06:34
Severity ?
Summary
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B701EC6-8208-4D22-95A6-B07D471A8A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6066FAB-23F5-4CB2-B89E-B00F8835AC39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
},
{
"lang": "es",
"value": "El m\u00f3dulo de audio presenta una vulnerabilidad en la verificaci\u00f3n de los par\u00e1metros pasados por el espacio de la aplicaci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede causar un acceso a la memoria fuera de l\u00edmites"
}
],
"id": "CVE-2021-46786",
"lastModified": "2024-11-21T06:34:43.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-13T15:15:08.467",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-16 18:15
Modified
2024-11-21 07:17
Severity ?
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AC7F91-917C-40A6-9983-A339EFB091F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FF0AD1-22C2-423B-822A-E6496CEDAB02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD62E8B-CB4B-43A6-98E8-09A8A1A3505B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAE846A-00EA-417F-B66F-1F5396BB6139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:magic_ui:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B655712B-E86C-4BD2-8A99-AEA382C520E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
},
{
"lang": "es",
"value": "El m\u00f3dulo de Sistema Operativo seguro presenta defectos de configuraci\u00f3n. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad puede afectar a la disponibilidad del sistema"
}
],
"id": "CVE-2022-38987",
"lastModified": "2024-11-21T07:17:19.183",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-16T18:15:17.437",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-31756 (GCVE-0-2022-31756)
Vulnerability from cvelistv5
Published
2022-06-13 14:55
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Design defects vulnerability
Summary
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Design defects vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T14:55:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Design defects vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31756",
"datePublished": "2022-06-13T14:55:54",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22404 (GCVE-0-2021-22404)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Directory traversal vulnerability
Summary
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22404",
"datePublished": "2021-10-28T12:21:54",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37002 (GCVE-0-2022-37002)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2024-08-03 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation vulnerability
Summary
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37002",
"datePublished": "2022-08-09T20:10:52",
"dateReserved": "2022-07-28T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37037 (GCVE-0-2021-37037)
Vulnerability from cvelistv5
Published
2021-12-08 14:11
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Invalid address access vulnerability
Summary
There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Invalid address access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:11:47",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Invalid address access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37037",
"datePublished": "2021-12-08T14:11:47",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38987 (GCVE-0-2022-38987)
Vulnerability from cvelistv5
Published
2022-09-16 17:55
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:55:59",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38987",
"datePublished": "2022-09-16T17:55:59",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37030 (GCVE-0-2021-37030)
Vulnerability from cvelistv5
Published
2021-11-23 15:14
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission vulnerability
Summary
There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:14:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper permission vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37030",
"datePublished": "2021-11-23T15:14:41",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9143 (GCVE-0-2020-9143)
Vulnerability from cvelistv5
Published
2021-01-13 21:52
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Authentication for Critical Function
Summary
There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Version: Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:52:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"version_value": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9143",
"datePublished": "2021-01-13T21:52:21",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22490 (GCVE-0-2021-22490)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper authorization
Summary
There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper authorization",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22490",
"datePublished": "2021-10-28T12:25:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22485 (GCVE-0-2021-22485)
Vulnerability from cvelistv5
Published
2021-10-28 12:24
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- SSID vulnerability with Wi-Fi network connections
Summary
There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSID vulnerability with Wi-Fi network connections",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:24:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSID vulnerability with Wi-Fi network connections"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22485",
"datePublished": "2021-10-28T12:24:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22426 (GCVE-0-2021-22426)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory address out of bounds
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory address out of bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory address out of bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22426",
"datePublished": "2022-02-25T18:11:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31759 (GCVE-0-2022-31759)
Vulnerability from cvelistv5
Published
2022-06-13 14:56
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Accessing uninitialized pointers vulnerability
Summary
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accessing uninitialized pointers vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T14:56:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accessing uninitialized pointers vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31759",
"datePublished": "2022-06-13T14:56:25",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40019 (GCVE-0-2021-40019)
Vulnerability from cvelistv5
Published
2022-09-16 17:58
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds heap read vulnerability
Summary
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds heap read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds heap read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40019",
"datePublished": "2022-09-16T17:58:03",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40062 (GCVE-0-2021-40062)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Copy without Checking Size of Input
Summary
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40062",
"datePublished": "2022-03-07T13:49:31",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34738 (GCVE-0-2022-34738)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34738",
"datePublished": "2022-07-11T13:53:41",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31751 (GCVE-0-2022-31751)
Vulnerability from cvelistv5
Published
2022-06-13 14:55
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Multi-thread contention vulnerability
Summary
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multi-thread contention vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:54:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multi-thread contention vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31751",
"datePublished": "2022-06-13T14:55:41",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37113 (GCVE-0-2021-37113)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation
Summary
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "Harmony OS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "Harmony OS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37113",
"datePublished": "2022-01-03T21:07:28",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37003 (GCVE-0-2022-37003)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2025-09-08 18:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission assignment vulnerability
Summary
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-37003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T18:41:19.585241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:42:25.944Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission assignment vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:59.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission assignment vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37003",
"datePublished": "2022-08-09T20:10:59.000Z",
"dateReserved": "2022-07-28T00:00:00.000Z",
"dateUpdated": "2025-09-08T18:42:25.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22491 (GCVE-0-2021-22491)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22491",
"datePublished": "2021-10-28T12:25:31",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40065 (GCVE-0-2021-40065)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Service logic error vulnerability
Summary
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Service logic error vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:24",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Service logic error vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40065",
"datePublished": "2022-04-11T19:38:24",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22432 (GCVE-0-2021-22432)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuring permission isolation vulnerability
Summary
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuring permission isolation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:11",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuring permission isolation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22432",
"datePublished": "2022-02-25T18:11:11",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22344 (GCVE-0-2021-22344)
Vulnerability from cvelistv5
Published
2021-07-01 11:10
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Access Control
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-01T11:10:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22344",
"datePublished": "2021-07-01T11:10:15",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29793 (GCVE-0-2022-29793)
Vulnerability from cvelistv5
Published
2022-05-13 15:05
Modified
2024-08-03 06:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defect vulnerability
Summary
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 12.0.0, EMUI 10.1.0, EMUI 10.1.1 Version: Magic UI 3.1.0, Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:33:42.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 12.0.0, EMUI 10.1.0, EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 3.1.0, Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defect vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:51:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-29793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0"
},
{
"version_value": "EMUI 12.0.0, EMUI 10.1.0, EMUI 10.1.1"
},
{
"version_value": "Magic UI 3.1.0, Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defect vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-29793",
"datePublished": "2022-05-13T15:05:15",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-03T06:33:42.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9158 (GCVE-0-2020-9158)
Vulnerability from cvelistv5
Published
2021-07-01 11:21
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Cryptographic Step
Summary
There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/1/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI, Magic UI |
Version: EMUI 11.0.0 Version: EMUI 10.1.1 Version: EMUI 10.1.0 Version: EMUI 10.0.0 Version: EMUI 9.1.1 Version: EMUI 9.1.0 Version: EMUI 8.2 Version: EMUI 8.0 Version: Magic UI 4.0.0 Version: Magic UI 3.1.1 Version: Magic UI 3.1.0 Version: Magic UI 3.0.0 Version: Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI, Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "EMUI 10.1.1"
},
{
"status": "affected",
"version": "EMUI 10.1.0"
},
{
"status": "affected",
"version": "EMUI 10.0.0"
},
{
"status": "affected",
"version": "EMUI 9.1.1"
},
{
"status": "affected",
"version": "EMUI 9.1.0"
},
{
"status": "affected",
"version": "EMUI 8.2"
},
{
"status": "affected",
"version": "EMUI 8.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1"
},
{
"status": "affected",
"version": "Magic UI 3.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.0.0"
},
{
"status": "affected",
"version": "Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Cryptographic Step",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-01T11:21:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI, Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "EMUI 10.1.1"
},
{
"version_value": "EMUI 10.1.0"
},
{
"version_value": "EMUI 10.0.0"
},
{
"version_value": "EMUI 9.1.1"
},
{
"version_value": "EMUI 9.1.0"
},
{
"version_value": "EMUI 8.2"
},
{
"version_value": "EMUI 8.0"
},
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "Magic UI 3.1.1"
},
{
"version_value": "Magic UI 3.1.0"
},
{
"version_value": "Magic UI 3.0.0"
},
{
"version_value": "Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Cryptographic Step"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9158",
"datePublished": "2021-07-01T11:21:03",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22333 (GCVE-0-2021-22333)
Vulnerability from cvelistv5
Published
2021-06-03 19:15
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Validation of Array Index
Summary
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/4/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Validation of Array Index",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T19:15:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Array Index"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22333",
"datePublished": "2021-06-03T19:15:26",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37005 (GCVE-0-2022-37005)
Vulnerability from cvelistv5
Published
2022-08-09 20:11
Modified
2024-08-03 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Argument injection vulnerability
Summary
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Argument injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:11:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Argument injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37005",
"datePublished": "2022-08-09T20:11:06",
"dateReserved": "2022-07-28T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22427 (GCVE-0-2021-22427)
Vulnerability from cvelistv5
Published
2021-08-02 16:49
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based Buffer Overflow
Summary
There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:49:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22427",
"datePublished": "2021-08-02T16:49:06",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22406 (GCVE-0-2021-22406)
Vulnerability from cvelistv5
Published
2021-10-28 12:22
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncaught Exception
Summary
There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncaught Exception",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:22:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22406",
"datePublished": "2021-10-28T12:22:22",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22412 (GCVE-0-2021-22412)
Vulnerability from cvelistv5
Published
2021-08-02 16:46
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow Vulnerability
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:46:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random kernel address access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22412",
"datePublished": "2021-08-02T16:46:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46741 (GCVE-0-2021-46741)
Vulnerability from cvelistv5
Published
2022-07-11 13:52
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Weaknesses Introduced During Design
Summary
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:41.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weaknesses Introduced During Design",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:12:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weaknesses Introduced During Design"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46741",
"datePublished": "2022-07-11T13:52:47",
"dateReserved": "2022-03-26T00:00:00",
"dateUpdated": "2024-08-04T05:17:41.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36997 (GCVE-0-2021-36997)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based聽Buffer聽Overflow
Summary
There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based\u807dBuffer\u807dOverflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:19",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based\u807dBuffer\u807dOverflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36997",
"datePublished": "2021-10-28T12:27:19",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38988 (GCVE-0-2022-38988)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38988",
"datePublished": "2022-09-16T17:56:28",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38993 (GCVE-0-2022-38993)
Vulnerability from cvelistv5
Published
2022-09-16 17:55
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:55:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38993",
"datePublished": "2022-09-16T17:55:53",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22431 (GCVE-0-2021-22431)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuring permission isolation vulnerability
Summary
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuring permission isolation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuring permission isolation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22431",
"datePublished": "2022-02-25T18:11:09",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40039 (GCVE-0-2021-40039)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Null pointer dereference
Summary
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40039",
"datePublished": "2022-01-07T22:39:39",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31761 (GCVE-0-2022-31761)
Vulnerability from cvelistv5
Published
2022-06-13 15:07
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defectsl vulnerability
Summary
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defectsl vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:07:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defectsl vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31761",
"datePublished": "2022-06-13T15:07:29",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22487 (GCVE-0-2021-22487)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read
Summary
There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:11",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22487",
"datePublished": "2021-10-28T12:25:11",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37020 (GCVE-0-2021-37020)
Vulnerability from cvelistv5
Published
2021-12-07 16:01
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stack-based Buffer Overflow vulnerability
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack-based Buffer Overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T16:01:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37020",
"datePublished": "2021-12-07T16:01:55",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36999 (GCVE-0-2021-36999)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper聽Restriction聽of聽Operations聽within聽the聽Bounds聽of聽a聽Memory聽Buffer
Summary
There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper\u807dRestriction\u807dof\u807dOperations\u807dwithin\u807dthe\u807dBounds\u807dof\u807da\u807dMemory\u807dBuffer",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper\u807dRestriction\u807dof\u807dOperations\u807dwithin\u807dthe\u807dBounds\u807dof\u807da\u807dMemory\u807dBuffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36999",
"datePublished": "2021-10-28T12:27:34",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37120 (GCVE-0-2021-37120)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double free
Summary
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1,EMUI 10.1.0 Version: Magic UI 3.1.1,Magic UI 3.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1,EMUI 10.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1,EMUI 10.1.0"
},
{
"version_value": "Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37120",
"datePublished": "2022-01-03T21:07:13",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39006 (GCVE-0-2022-39006)
Vulnerability from cvelistv5
Published
2022-09-16 17:55
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Race condition vulnerability
Summary
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.106Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race condition vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:55:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race condition vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39006",
"datePublished": "2022-09-16T17:55:56",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9139 (GCVE-0-2020-9139)
Vulnerability from cvelistv5
Published
2021-01-13 21:58
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Input Validation
Summary
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:58:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9139",
"datePublished": "2021-01-13T21:58:39",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37007 (GCVE-0-2022-37007)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2024-08-03 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:24",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37007",
"datePublished": "2022-08-09T20:10:24",
"dateReserved": "2022-07-28T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39004 (GCVE-0-2022-39004)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leak vulnerability
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leak vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leak vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39004",
"datePublished": "2022-09-16T17:56:03",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37133 (GCVE-0-2021-37133)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2025-05-22 18:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthorized file access vulnerability
Summary
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-37133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T17:44:49.692978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:47:24.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "9.1.0"
},
{
"status": "affected",
"version": "9.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized file access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:40.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.1.1"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized file access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37133",
"datePublished": "2022-01-03T21:07:40.000Z",
"dateReserved": "2021-07-20T00:00:00.000Z",
"dateUpdated": "2025-05-22T18:47:24.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22401 (GCVE-0-2021-22401)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncaught Exception
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncaught Exception",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:33",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22401",
"datePublished": "2021-10-28T12:21:33",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22350 (GCVE-0-2021-22350)
Vulnerability from cvelistv5
Published
2021-06-30 20:10
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1 Version: Magic UI 4.0.0, Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:10:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22350",
"datePublished": "2021-06-30T20:10:16",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40060 (GCVE-0-2021-40060)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow vulnerability
Summary
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:47",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40060",
"datePublished": "2022-03-07T13:49:47",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22257 (GCVE-0-2022-22257)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:18",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22257",
"datePublished": "2022-04-11T19:38:18",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22348 (GCVE-0-2021-22348)
Vulnerability from cvelistv5
Published
2021-06-30 20:48
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:48:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22348",
"datePublished": "2021-06-30T20:48:50",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36985 (GCVE-0-2021-36985)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Code injection vulnerability
Summary
There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:38",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Code injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36985",
"datePublished": "2021-10-28T12:25:38",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22390 (GCVE-0-2021-22390)
Vulnerability from cvelistv5
Published
2021-08-02 16:44
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:44:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22390",
"datePublished": "2021-08-02T16:44:40",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46814 (GCVE-0-2021-46814)
Vulnerability from cvelistv5
Published
2022-06-13 14:54
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds memory read/write vulnerability
Summary
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds memory read/write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T14:54:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds memory read/write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46814",
"datePublished": "2022-06-13T14:54:56",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22325 (GCVE-0-2021-22325)
Vulnerability from cvelistv5
Published
2021-06-03 16:10
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/3/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T16:10:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22325",
"datePublished": "2021-06-03T16:10:48",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37097 (GCVE-0-2021-37097)
Vulnerability from cvelistv5
Published
2021-12-08 14:13
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Code Injection vulnerability
Summary
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:13:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37097",
"datePublished": "2021-12-08T14:13:16",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22367 (GCVE-0-2021-22367)
Vulnerability from cvelistv5
Published
2021-06-30 17:29
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Key Management Errors
Summary
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Key Management Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T17:29:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Key Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22367",
"datePublished": "2021-06-30T17:29:39",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22474 (GCVE-0-2021-22474)
Vulnerability from cvelistv5
Published
2021-10-28 12:24
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Read
Summary
There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:24:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22474",
"datePublished": "2021-10-28T12:24:32",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40010 (GCVE-0-2021-40010)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap overflow vulnerability
Summary
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:12:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0"
},
{
"version_value": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202201-0000001194056366"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40010",
"datePublished": "2022-01-07T22:39:40",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37002 (GCVE-0-2021-37002)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write
Summary
There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:47",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory out-of-bounds access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37002",
"datePublished": "2021-10-28T12:27:47",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22349 (GCVE-0-2021-22349)
Vulnerability from cvelistv5
Published
2021-06-30 20:37
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:37:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22349",
"datePublished": "2021-06-30T20:37:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22473 (GCVE-0-2021-22473)
Vulnerability from cvelistv5
Published
2021-10-28 12:22
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication (including session management) vulnerability
Summary
There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication (including session management) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:22:43",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication (including session management) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22473",
"datePublished": "2021-10-28T12:22:43",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40064 (GCVE-0-2021-40064)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow vulnerability
Summary
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40064",
"datePublished": "2022-03-07T13:49:22",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46787 (GCVE-0-2021-46787)
Vulnerability from cvelistv5
Published
2022-05-13 15:02
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:02:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46787",
"datePublished": "2022-05-13T15:02:34",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37043 (GCVE-0-2021-37043)
Vulnerability from cvelistv5
Published
2021-12-07 16:02
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncontrolled Resource Consumption vulnerability
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Resource Consumption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T16:02:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37043",
"datePublished": "2021-12-07T16:02:05",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39973 (GCVE-0-2021-39973)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Null pointer dereference
Summary
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:43",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39973",
"datePublished": "2022-01-03T21:07:43",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36995 (GCVE-0-2021-36995)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36995",
"datePublished": "2021-10-28T12:27:06",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22442 (GCVE-0-2021-22442)
Vulnerability from cvelistv5
Published
2021-08-02 16:56
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Validation of Integrity Check Value
Summary
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Validation of Integrity Check Value",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:56:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Integrity Check Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22442",
"datePublished": "2021-08-02T16:56:16",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38990 (GCVE-0-2022-38990)
Vulnerability from cvelistv5
Published
2022-09-16 17:55
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:55:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38990",
"datePublished": "2022-09-16T17:55:50",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40015 (GCVE-0-2021-40015)
Vulnerability from cvelistv5
Published
2022-02-09 22:03
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Race condition vulnerability
Summary
There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/2/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": " EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race condition vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:03:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race condition vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40015",
"datePublished": "2022-02-09T22:03:57",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40029 (GCVE-0-2021-40029)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability due to a boundary error with the Samba server
Summary
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability due to a boundary error with the Samba server",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability due to a boundary error with the Samba server"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40029",
"datePublished": "2022-01-07T22:39:34",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39969 (GCVE-0-2021-39969)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthorized file access vulnerability
Summary
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized file access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:42",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized file access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39969",
"datePublished": "2022-01-03T21:07:42",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40058 (GCVE-0-2021-40058)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow vulnerability
Summary
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:59",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40058",
"datePublished": "2022-03-07T13:49:59",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34741 (GCVE-0-2022-34741)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability
Summary
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34741",
"datePublished": "2022-07-11T13:53:17",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37052 (GCVE-0-2021-37052)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Exception log vulnerability
Summary
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Exception log vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:30",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exception log vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37052",
"datePublished": "2021-12-08T14:12:30",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22252 (GCVE-0-2022-22252)
Vulnerability from cvelistv5
Published
2022-05-13 15:10
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- UAF vulnerability
Summary
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UAF vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:10:19",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0"
},
{
"version_value": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UAF vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22252",
"datePublished": "2022-05-13T15:10:19",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40054 (GCVE-0-2021-40054)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer underflow vulnerability
Summary
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer underflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer underflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40054",
"datePublished": "2022-03-07T13:50:21",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37008 (GCVE-0-2022-37008)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2024-08-03 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Verification bypass vulnerability
Summary
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Verification bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:47",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Verification bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37008",
"datePublished": "2022-08-09T20:10:47",
"dateReserved": "2022-07-28T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36992 (GCVE-0-2021-36992)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect Implementation of Authentication Algorithm
Summary
There is a Public key verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Public key verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Implementation of Authentication Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Public key verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Implementation of Authentication Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36992",
"datePublished": "2021-10-28T12:26:45",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37093 (GCVE-0-2021-37093)
Vulnerability from cvelistv5
Published
2021-12-08 14:13
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Access Control vulnerability
Summary
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:13:11",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37093",
"datePublished": "2021-12-08T14:13:11",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22335 (GCVE-0-2021-22335)
Vulnerability from cvelistv5
Published
2021-06-03 19:25
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/4/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T19:25:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22335",
"datePublished": "2021-06-03T19:25:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37034 (GCVE-0-2021-37034)
Vulnerability from cvelistv5
Published
2021-11-23 15:16
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unstandardized field names
Summary
There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unstandardized field names",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:16:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unstandardized field names in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unstandardized field names"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37034",
"datePublished": "2021-11-23T15:16:17",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39996 (GCVE-0-2021-39996)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow
Summary
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;HarmonyOS |
Version: EMUI 10.0.0,EMUI 10.1.0,EMUI 10.1.1,EMUI 11.0.0,EMUI 11.0.1 Version: Magic UI 3.0.0,Magic UI 3.1.0,Magic UI 3.1.1,Magic UI 4.0.0 Version: HarmonyOS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;HarmonyOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.0.0,EMUI 10.1.0,EMUI 10.1.1,EMUI 11.0.0,EMUI 11.0.1"
},
{
"status": "affected",
"version": "Magic UI 3.0.0,Magic UI 3.1.0,Magic UI 3.1.1,Magic UI 4.0.0"
},
{
"status": "affected",
"version": "HarmonyOS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:49",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 10.0.0,EMUI 10.1.0,EMUI 10.1.1,EMUI 11.0.0,EMUI 11.0.1"
},
{
"version_value": "Magic UI 3.0.0,Magic UI 3.1.0,Magic UI 3.1.1,Magic UI 4.0.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39996",
"datePublished": "2022-01-07T22:39:49",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9149 (GCVE-0-2020-9149)
Vulnerability from cvelistv5
Published
2021-04-01 17:55
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect Authorization
Summary
An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/cn/support/bulletin/2021/1 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Authorization",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-01T17:55:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/cn/support/bulletin/2021/1",
"refsource": "MISC",
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9149",
"datePublished": "2021-04-01T17:55:04",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37027 (GCVE-0-2021-37027)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- DoS vulnerability
Summary
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37027",
"datePublished": "2022-02-25T18:11:04",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40030 (GCVE-0-2021-40030)
Vulnerability from cvelistv5
Published
2022-08-09 20:11
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Weaknesses Introduced During Design
Summary
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weaknesses Introduced During Design",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:11:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weaknesses Introduced During Design"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40030",
"datePublished": "2022-08-09T20:11:10",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37055 (GCVE-0-2021-37055)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Logic bypass vulnerability
Summary
There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Logic bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37055",
"datePublished": "2021-12-07T15:45:32",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22448 (GCVE-0-2021-22448)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper verification vulnerability
Summary
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22448",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22448",
"datePublished": "2022-02-25T18:11:02",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22386 (GCVE-0-2021-22386)
Vulnerability from cvelistv5
Published
2021-08-10 13:04
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double Free
Summary
A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;HarmonyOS |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 Version: HarmonyOS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;HarmonyOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
},
{
"status": "affected",
"version": "HarmonyOS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T13:04:18",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22386",
"datePublished": "2021-08-10T13:04:18",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22433 (GCVE-0-2021-22433)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory address out of bounds
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory address out of bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:08",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory address out of bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22433",
"datePublished": "2022-02-25T18:11:08",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31762 (GCVE-0-2022-31762)
Vulnerability from cvelistv5
Published
2022-06-13 14:56
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input validation vulnerability
Summary
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input validation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:54:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input validation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31762",
"datePublished": "2022-06-13T14:56:38",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22402 (GCVE-0-2021-22402)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncaught Exception
Summary
There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncaught Exception",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22402",
"datePublished": "2021-10-28T12:21:40",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9142 (GCVE-0-2020-9142)
Vulnerability from cvelistv5
Published
2021-01-13 21:48
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based Buffer Overflow
Summary
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:48:46",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9142",
"datePublished": "2021-01-13T21:48:46",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38991 (GCVE-0-2022-38991)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:49",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38991",
"datePublished": "2022-09-16T17:56:49",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22324 (GCVE-0-2021-22324)
Vulnerability from cvelistv5
Published
2021-06-03 16:21
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Credentials Management Errors
Summary
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/3/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Credentials Management Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T16:21:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Credentials Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22324",
"datePublished": "2021-06-03T16:21:01",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9144 (GCVE-0-2020-9144)
Vulnerability from cvelistv5
Published
2021-01-13 18:53
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "EMUI 10.1.1"
},
{
"status": "affected",
"version": "EMUI 10.1.0"
},
{
"status": "affected",
"version": "EMUI 10.0.0"
},
{
"status": "affected",
"version": "EMUI 9.1.1"
},
{
"status": "affected",
"version": "EMUI 9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Magic UI 4.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1"
},
{
"status": "affected",
"version": "Magic UI 3.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.0.0"
},
{
"status": "affected",
"version": "Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T18:53:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "EMUI 10.1.1"
},
{
"version_value": "EMUI 10.1.0"
},
{
"version_value": "EMUI 10.0.0"
},
{
"version_value": "EMUI 9.1.1"
},
{
"version_value": "EMUI 9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "Magic UI 3.1.1"
},
{
"version_value": "Magic UI 3.1.0"
},
{
"version_value": "Magic UI 3.0.0"
},
{
"version_value": "Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "CONFIRM",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9144",
"datePublished": "2021-01-13T18:53:04",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22392 (GCVE-0-2021-22392)
Vulnerability from cvelistv5
Published
2021-08-02 16:45
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect Calculation of Buffer Size
Summary
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:45:43",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22392",
"datePublished": "2021-08-02T16:45:43",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37049 (GCVE-0-2021-37049)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow vulnerability
Summary
There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.723Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37049",
"datePublished": "2021-12-08T14:12:15",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46789 (GCVE-0-2021-46789)
Vulnerability from cvelistv5
Published
2022-05-13 15:03
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defectsl vulnerability
Summary
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 12.0.0 Version: Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 12.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defectsl vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:58:24",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 12.0.0"
},
{
"version_value": "Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defectsl vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46789",
"datePublished": "2022-05-13T15:03:07",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22337 (GCVE-0-2021-22337)
Vulnerability from cvelistv5
Published
2021-06-03 19:20
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/4/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T19:20:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22337",
"datePublished": "2021-06-03T19:20:26",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22256 (GCVE-0-2022-22256)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper access control vulnerability
Summary
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:19",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22256",
"datePublished": "2022-04-11T19:38:19",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36990 (GCVE-0-2021-36990)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write
Summary
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:30",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36990",
"datePublished": "2021-10-28T12:26:30",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22323 (GCVE-0-2021-22323)
Vulnerability from cvelistv5
Published
2021-06-30 14:53
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow Vulnerability
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:53:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22323",
"datePublished": "2021-06-30T14:53:25",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40051 (GCVE-0-2021-40051)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthorized access vulnerability
Summary
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40051",
"datePublished": "2022-03-07T13:50:41",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37041 (GCVE-0-2021-37041)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper verification vulnerability
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37041",
"datePublished": "2021-12-07T15:45:10",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36989 (GCVE-0-2021-36989)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Kernel crash vulnerability
Summary
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Kernel crash vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Kernel crash vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36989",
"datePublished": "2021-10-28T12:26:23",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22258 (GCVE-0-2022-22258)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Event notification vulnerability
Summary
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Event notification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:15:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0"
},
{
"version_value": "EMUI 12.0.0,EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Event notification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22258",
"datePublished": "2022-04-11T19:38:18",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40050 (GCVE-0-2021-40050)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:49",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40050",
"datePublished": "2022-03-07T13:50:49",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22436 (GCVE-0-2021-22436)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Logic Bypass Vulnerability
Summary
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": " EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Logic Bypass Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic Bypass Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22436",
"datePublished": "2021-10-28T12:21:15",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37056 (GCVE-0-2021-37056)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:37",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37056",
"datePublished": "2021-12-07T15:45:37",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40016 (GCVE-0-2021-40016)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40016",
"datePublished": "2022-07-11T13:53:57",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22313 (GCVE-0-2021-22313)
Vulnerability from cvelistv5
Published
2021-06-03 15:19
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Function
Summary
There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/2/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T15:19:46",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22313",
"datePublished": "2021-06-03T15:19:46",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22486 (GCVE-0-2021-22486)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unstandardized field names
Summary
There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unstandardized field names",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unstandardized field names"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22486",
"datePublished": "2021-10-28T12:25:05",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22475 (GCVE-0-2021-22475)
Vulnerability from cvelistv5
Published
2021-10-28 12:24
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission Control Vulnerability
Summary
There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission Control Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:24:38",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22475",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission Control Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22475",
"datePublished": "2021-10-28T12:24:38",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22347 (GCVE-0-2021-22347)
Vulnerability from cvelistv5
Published
2021-07-01 10:58
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Access Control
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-01T10:58:59",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause temporary DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22347",
"datePublished": "2021-07-01T10:58:59",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22379 (GCVE-0-2021-22379)
Vulnerability from cvelistv5
Published
2021-08-02 16:39
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Underflow (Wrap or Wraparound)
Summary
There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:39:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer Underflow (Wrap or Wraparound) Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS of Samgr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Underflow (Wrap or Wraparound)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22379",
"datePublished": "2021-08-02T16:39:57",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22389 (GCVE-0-2021-22389)
Vulnerability from cvelistv5
Published
2021-08-02 16:43
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission Control Vulnerability
Summary
There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission Control Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:43:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission Control Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22389",
"datePublished": "2021-08-02T16:43:54",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22447 (GCVE-0-2021-22447)
Vulnerability from cvelistv5
Published
2021-08-02 17:39
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Check for Unusual or Exceptional Conditions
Summary
There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T17:39:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22447",
"datePublished": "2021-08-02T17:39:56",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22489 (GCVE-0-2021-22489)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- DoS vulnerability
Summary
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22489",
"datePublished": "2022-02-25T18:11:03",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22308 (GCVE-0-2021-22308)
Vulnerability from cvelistv5
Published
2021-06-03 15:15
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Business Logic Errors
Summary
There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/2/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Business Logic Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T15:15:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Business Logic Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22308",
"datePublished": "2021-06-03T15:15:20",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40034 (GCVE-0-2021-40034)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory overwriting vulnerability
Summary
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory overwriting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:14",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory overwriting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40034",
"datePublished": "2022-08-09T20:10:14",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40059 (GCVE-0-2021-40059)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission control vulnerability
Summary
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40059",
"datePublished": "2022-03-07T13:49:53",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22429 (GCVE-0-2021-22429)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory address out of bounds
Summary
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory address out of bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory address out of bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22429",
"datePublished": "2022-02-25T18:11:12",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40048 (GCVE-0-2021-40048)
Vulnerability from cvelistv5
Published
2022-03-07 13:51
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect buffer size calculation vulnerability
Summary
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect buffer size calculation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:51:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect buffer size calculation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40048",
"datePublished": "2022-03-07T13:51:00",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40040 (GCVE-0-2021-40040)
Vulnerability from cvelistv5
Published
2022-08-09 20:11
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Write data to arbitrary address vulnerability
Summary
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Write data to arbitrary address vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:53:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0"
},
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Write data to arbitrary address vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40040",
"datePublished": "2022-08-09T20:11:21",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39005 (GCVE-0-2022-39005)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leak vulnerability
Summary
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leak vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leak vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39005",
"datePublished": "2022-09-16T17:56:07",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22370 (GCVE-0-2021-22370)
Vulnerability from cvelistv5
Published
2021-06-30 13:49
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Credentials Management Errors
Summary
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Credentials Management Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T13:49:33",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Credentials Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22370",
"datePublished": "2021-06-30T13:49:33",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46742 (GCVE-0-2021-46742)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthorized insertion vulnerability
Summary
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized insertion vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized insertion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46742",
"datePublished": "2022-04-11T19:38:22",
"dateReserved": "2022-03-26T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22434 (GCVE-0-2021-22434)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory address out of bounds
Summary
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory address out of bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory address out of bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22434",
"datePublished": "2022-02-25T18:11:07",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40044 (GCVE-0-2021-40044)
Vulnerability from cvelistv5
Published
2022-02-09 22:03
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Handling of Insufficient Permissions or Privileges
Summary
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/2/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": " EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Handling of Insufficient Permissions or Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:03:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Handling of Insufficient Permissions or Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40044",
"datePublished": "2022-02-09T22:03:56",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31757 (GCVE-0-2022-31757)
Vulnerability from cvelistv5
Published
2022-06-13 15:05
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper use of APIs vulnerability
Summary
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper use of APIs vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:05:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper use of APIs vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31757",
"datePublished": "2022-06-13T15:05:48",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39998 (GCVE-0-2021-39998)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Concurrently called for multiple times
Summary
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;HarmonyOS |
Version: EMUI 11.0.0,EMUI 11.0.1 Version: Magic UI 4.0.0 Version: HarmonyOS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;HarmonyOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 11.0.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
},
{
"status": "affected",
"version": "HarmonyOS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Concurrently called for multiple times",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 11.0.1"
},
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Concurrently called for multiple times"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202112-0000001183296718"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39998",
"datePublished": "2022-01-07T22:39:48",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9146 (GCVE-0-2020-9146)
Vulnerability from cvelistv5
Published
2021-04-01 17:53
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Read
Summary
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/cn/support/bulletin/2021/1 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-01T17:53:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/cn/support/bulletin/2021/1",
"refsource": "MISC",
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9146",
"datePublished": "2021-04-01T17:53:16",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22384 (GCVE-0-2021-22384)
Vulnerability from cvelistv5
Published
2021-08-02 16:41
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:41:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22384",
"datePublished": "2021-08-02T16:41:53",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37045 (GCVE-0-2021-37045)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- UAF vulnerability
Summary
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "UAF vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UAF vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37045",
"datePublished": "2021-12-08T14:12:07",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22437 (GCVE-0-2021-22437)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- TOCTOU condition vulnerability caused by software integer overflow
Summary
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "TOCTOU condition vulnerability caused by software integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TOCTOU condition vulnerability caused by software integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22437",
"datePublished": "2022-02-25T18:11:01",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22345 (GCVE-0-2021-22345)
Vulnerability from cvelistv5
Published
2021-06-30 21:06
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI, Magic UI |
Version: EMUI 11.0.1 Version: EMUI 11.0.0 Version: EMUI 10.1.1 Version: Magic UI 4.0.0 Version: Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI, Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1"
},
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T21:06:08",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI, Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1"
},
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0"
},
{
"version_value": "Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22345",
"datePublished": "2021-06-30T21:06:08",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22446 (GCVE-0-2021-22446)
Vulnerability from cvelistv5
Published
2021-08-02 17:39
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T17:39:43",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22446",
"datePublished": "2021-08-02T17:39:43",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36986 (GCVE-0-2021-36986)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write
Summary
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36986",
"datePublished": "2021-10-28T12:25:45",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22372 (GCVE-0-2021-22372)
Vulnerability from cvelistv5
Published
2021-06-30 13:54
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Features
Summary
There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Features",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T13:54:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Features"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22372",
"datePublished": "2021-06-30T13:54:06",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37044 (GCVE-0-2021-37044)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission control vulnerability
Summary
There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37044",
"datePublished": "2021-12-08T14:12:01",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22482 (GCVE-0-2021-22482)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uninitialized variable vulnerability
Summary
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uninitialized variable vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uninitialized variable vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22482",
"datePublished": "2021-10-28T12:21:27",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34740 (GCVE-0-2022-34740)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability
Summary
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34740",
"datePublished": "2022-07-11T13:53:10",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40049 (GCVE-0-2021-40049)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission control vulnerability
Summary
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40049",
"datePublished": "2022-03-07T13:50:55",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36996 (GCVE-0-2021-36996)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper verification
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36996",
"datePublished": "2021-10-28T12:27:13",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40009 (GCVE-0-2021-40009)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:33",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40009",
"datePublished": "2022-01-07T22:39:33",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37021 (GCVE-0-2021-37021)
Vulnerability from cvelistv5
Published
2021-12-07 16:02
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stack-based Buffer Overflow vulnerability
Summary
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack-based Buffer Overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T16:02:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37021",
"datePublished": "2021-12-07T16:02:00",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.959Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22346 (GCVE-0-2021-22346)
Vulnerability from cvelistv5
Published
2021-06-30 20:55
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Permission Management
Summary
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Permission Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:55:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Permission Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22346",
"datePublished": "2021-06-30T20:55:40",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36998 (GCVE-0-2021-36998)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36998",
"datePublished": "2021-10-28T12:27:26",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37075 (GCVE-0-2021-37075)
Vulnerability from cvelistv5
Published
2021-12-08 14:13
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Credentials Management Errors vulnerability
Summary
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Credentials Management Errors vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:13:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Credentials Management Errors vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37075",
"datePublished": "2021-12-08T14:13:00",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31755 (GCVE-0-2022-31755)
Vulnerability from cvelistv5
Published
2022-06-13 14:56
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission preservation vulnerability
Summary
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission preservation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:54:19",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission preservation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31755",
"datePublished": "2022-06-13T14:56:09",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31753 (GCVE-0-2022-31753)
Vulnerability from cvelistv5
Published
2022-06-13 15:06
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Weaknesses Introduced During Design
Summary
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weaknesses Introduced During Design",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:06:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31753",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weaknesses Introduced During Design"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31753",
"datePublished": "2022-06-13T15:06:07",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40061 (GCVE-0-2021-40061)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Type confusion vulnerability
Summary
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Type confusion vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type confusion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40061",
"datePublished": "2022-03-07T13:49:40",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22319 (GCVE-0-2021-22319)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper verification vulnerability
Summary
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202109-0000001150310956"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22319",
"datePublished": "2022-02-25T18:11:05",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22481 (GCVE-0-2021-22481)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22481",
"datePublished": "2021-10-28T12:21:20",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39993 (GCVE-0-2021-39993)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer overflow
Summary
There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39993",
"datePublished": "2022-01-07T22:39:48",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40037 (GCVE-0-2021-40037)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Vulnerability of accessing resources using an incompatible type (type confusion)
Summary
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Vulnerability of accessing resources using an incompatible type (type confusion)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:37",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Vulnerability of accessing resources using an incompatible type (type confusion)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40037",
"datePublished": "2022-01-07T22:39:37",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38992 (GCVE-0-2022-38992)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38992",
"datePublished": "2022-09-16T17:56:55",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40011 (GCVE-0-2021-40011)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uncontrolled resource consumption vulnerability
Summary
There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;HarmonyOS |
Version: EMUI 12.0.0,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 Version: HarmonyOS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;HarmonyOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 12.0.0,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
},
{
"status": "affected",
"version": "HarmonyOS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled resource consumption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T14:05:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 12.0.0,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled resource consumption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40011",
"datePublished": "2022-01-07T22:39:31",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46813 (GCVE-0-2021-46813)
Vulnerability from cvelistv5
Published
2022-06-13 15:06
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Weaknesses Introduced During Design
Summary
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weaknesses Introduced During Design",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:06:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weaknesses Introduced During Design"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46813",
"datePublished": "2022-06-13T15:06:56",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36994 (GCVE-0-2021-36994)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Competitive Condition Vulnerability
Summary
There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Competitive Condition Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Competitive Condition Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36994",
"datePublished": "2021-10-28T12:26:58",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36601 (GCVE-0-2020-36601)
Vulnerability from cvelistv5
Published
2022-09-16 17:58
Modified
2024-08-04 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36601",
"datePublished": "2022-09-16T17:58:12",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37092 (GCVE-0-2021-37092)
Vulnerability from cvelistv5
Published
2021-12-08 14:13
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incomplete Cleanup vulnerability
Summary
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incomplete Cleanup vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:13:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incomplete Cleanup vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37092",
"datePublished": "2021-12-08T14:13:05",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40013 (GCVE-0-2021-40013)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission control vulnerability
Summary
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40013",
"datePublished": "2022-07-11T13:53:52",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9141 (GCVE-0-2020-9141)
Vulnerability from cvelistv5
Published
2021-01-13 21:53
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Privilege Management
Summary
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1, EMUI 10.1.0 Version: Magic UI 3.1.1, Magic UI 3.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1, EMUI 10.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1, Magic UI 3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Privilege Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:53:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1, EMUI 10.1.0"
},
{
"version_value": "Magic UI 3.1.1, Magic UI 3.1.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9141",
"datePublished": "2021-01-13T21:53:48",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39000 (GCVE-0-2022-39000)
Vulnerability from cvelistv5
Published
2022-09-16 17:55
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Malicious app control vulnerability
Summary
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Malicious app control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:55:46",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Malicious app control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39000",
"datePublished": "2022-09-16T17:55:46",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9148 (GCVE-0-2020-9148)
Vulnerability from cvelistv5
Published
2021-04-01 17:56
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Multiple Unlocks of a Critical Resource
Summary
An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/cn/support/bulletin/2021/1 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multiple Unlocks of a Critical Resource",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-01T17:56:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multiple Unlocks of a Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/cn/support/bulletin/2021/1",
"refsource": "MISC",
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9148",
"datePublished": "2021-04-01T17:56:39",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37111 (GCVE-0-2021-37111)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leakage
Summary
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "Harmony OS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leakage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "Harmony OS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37111",
"datePublished": "2022-01-03T21:07:27",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37121 (GCVE-0-2021-37121)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37121",
"datePublished": "2022-01-03T21:07:13",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22375 (GCVE-0-2021-22375)
Vulnerability from cvelistv5
Published
2021-06-30 13:43
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Key Management Errors
Summary
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Key Management Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T13:43:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Key Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22375",
"datePublished": "2021-06-30T13:43:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22388 (GCVE-0-2021-22388)
Vulnerability from cvelistv5
Published
2021-08-02 16:43
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow Vulnerability
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:43:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause certain codes to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22388",
"datePublished": "2021-08-02T16:43:28",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37046 (GCVE-0-2021-37046)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leak vulnerability with the codec detection module
Summary
There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leak vulnerability with the codec detection module",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leak vulnerability with the codec detection module"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37046",
"datePublished": "2021-12-07T15:45:21",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39002 (GCVE-0-2022-39002)
Vulnerability from cvelistv5
Published
2022-09-16 00:00
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double free vulnerability
Summary
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0 Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"tags": [
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0"
},
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-14T00:00:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202210-0000001416095697"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39002",
"datePublished": "2022-09-16T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22368 (GCVE-0-2021-22368)
Vulnerability from cvelistv5
Published
2021-06-30 17:20
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission Control Vulnerability
Summary
There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1 Version: Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission Control Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T17:20:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1"
},
{
"version_value": "Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission Control Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22368",
"datePublished": "2021-06-30T17:20:09",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22403 (GCVE-0-2021-22403)
Vulnerability from cvelistv5
Published
2021-10-28 12:21
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insufficient聽Verification聽of聽Data聽Authenticity
Summary
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficient\u807dVerification\u807dof\u807dData\u807dAuthenticity",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:21:47",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient\u807dVerification\u807dof\u807dData\u807dAuthenticity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22403",
"datePublished": "2021-10-28T12:21:47",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37050 (GCVE-0-2021-37050)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing sensitive data encryption vulnerability
Summary
There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing sensitive data encryption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:20",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing sensitive data encryption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37050",
"datePublished": "2021-12-08T14:12:20",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22435 (GCVE-0-2021-22435)
Vulnerability from cvelistv5
Published
2021-08-02 16:54
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:54:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22435",
"datePublished": "2021-08-02T16:54:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37042 (GCVE-0-2021-37042)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper verification vulnerability
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37042",
"datePublished": "2021-12-07T15:45:16",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22395 (GCVE-0-2021-22395)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Code injection vulnerability
Summary
There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22395",
"datePublished": "2022-02-25T18:11:06",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40012 (GCVE-0-2021-40012)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect pointer usage vulnerability
Summary
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect pointer usage vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:12:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect pointer usage vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40012",
"datePublished": "2022-07-11T13:53:47",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46788 (GCVE-0-2021-46788)
Vulnerability from cvelistv5
Published
2022-05-13 15:02
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Third-party pop-up window coverage vulnerability
Summary
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Third-party pop-up window coverage vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:02:51",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Third-party pop-up window coverage vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46788",
"datePublished": "2022-05-13T15:02:51",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31752 (GCVE-0-2022-31752)
Vulnerability from cvelistv5
Published
2022-06-13 15:07
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing authorization vulnerability
Summary
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing authorization vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:07:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing authorization vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31752",
"datePublished": "2022-06-13T15:07:45",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9140 (GCVE-0-2020-9140)
Vulnerability from cvelistv5
Published
2021-01-13 21:55
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Access with Incorrect Length Value
Summary
There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Access with Incorrect Length Value",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T21:55:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Access with Incorrect Length Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9140",
"datePublished": "2021-01-13T21:55:57",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37029 (GCVE-0-2021-37029)
Vulnerability from cvelistv5
Published
2021-11-23 15:14
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Identity verification vulnerability
Summary
There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Identity verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:14:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Identity verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37029",
"datePublished": "2021-11-23T15:14:17",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22354 (GCVE-0-2021-22354)
Vulnerability from cvelistv5
Published
2021-06-30 17:12
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T17:12:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22354",
"datePublished": "2021-06-30T17:12:48",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34737 (GCVE-0-2022-34737)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission assignment vulnerability
Summary
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission assignment vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:35",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission assignment vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34737",
"datePublished": "2022-07-11T13:53:35",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38979 (GCVE-0-2022-38979)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.710Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:43",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38979",
"datePublished": "2022-09-16T17:56:43",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22405 (GCVE-0-2021-22405)
Vulnerability from cvelistv5
Published
2021-10-28 12:22
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:22:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22405",
"datePublished": "2021-10-28T12:22:03",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31758 (GCVE-0-2022-31758)
Vulnerability from cvelistv5
Published
2022-06-13 14:55
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Race condition vulnerability
Summary
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race condition vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T14:55:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race condition vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31758",
"datePublished": "2022-06-13T14:55:25",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40053 (GCVE-0-2021-40053)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission control vulnerability
Summary
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | HarmonyOS;EMUI;Magic UI |
Version: HarmonyOS 2.0,HarmonyOS 2.1 Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS;EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "HarmonyOS 2.0,HarmonyOS 2.1"
},
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:53:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS;EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "HarmonyOS 2.0,HarmonyOS 2.1"
},
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40053",
"datePublished": "2022-03-07T13:50:29",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22351 (GCVE-0-2021-22351)
Vulnerability from cvelistv5
Published
2021-06-30 20:14
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Credentials Management Errors
Summary
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Credentials Management Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:14:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Credentials Management Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22351",
"datePublished": "2021-06-30T20:14:54",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40057 (GCVE-0-2021-40057)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based and stack-based buffer overflow vulnerabilities
Summary
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based and stack-based buffer overflow vulnerabilities",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:03",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based and stack-based buffer overflow vulnerabilities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40057",
"datePublished": "2022-03-07T13:50:03",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22407 (GCVE-0-2021-22407)
Vulnerability from cvelistv5
Published
2021-10-28 12:22
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:22:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22407",
"datePublished": "2021-10-28T12:22:28",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39966 (GCVE-0-2021-39966)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uninitialized AOD driver structure
Summary
There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uninitialized AOD driver structure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Uninitialized AOD driver structure in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uninitialized AOD driver structure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39966",
"datePublished": "2022-01-03T21:07:41",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22343 (GCVE-0-2021-22343)
Vulnerability from cvelistv5
Published
2021-07-01 11:15
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-01T11:15:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22343",
"datePublished": "2021-07-01T11:15:32",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37069 (GCVE-0-2021-37069)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Race Condition vulnerability
Summary
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race Condition vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:48",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race Condition vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37069",
"datePublished": "2021-12-08T14:12:48",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39003 (GCVE-0-2022-39003)
Vulnerability from cvelistv5
Published
2022-09-16 17:58
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability
Summary
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39003",
"datePublished": "2022-09-16T17:58:06",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40056 (GCVE-0-2021-40056)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Copy without Checking Size of Input
Summary
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40056",
"datePublished": "2022-03-07T13:50:10",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34739 (GCVE-0-2022-34739)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Addition overflow vulnerability
Summary
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Addition overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Addition overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34739",
"datePublished": "2022-07-11T13:53:23",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46811 (GCVE-0-2021-46811)
Vulnerability from cvelistv5
Published
2022-06-13 15:06
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission management vulnerability
Summary
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission management vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:06:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission management vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46811",
"datePublished": "2022-06-13T15:06:25",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22334 (GCVE-0-2021-22334)
Vulnerability from cvelistv5
Published
2021-06-03 19:28
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Access Control
Summary
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/4/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T19:28:49",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22334",
"datePublished": "2021-06-03T19:28:49",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22428 (GCVE-0-2021-22428)
Vulnerability from cvelistv5
Published
2021-08-02 16:54
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incomplete Cleanup
Summary
There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incomplete Cleanup",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:54:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incomplete Cleanup"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22428",
"datePublished": "2021-08-02T16:54:27",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37054 (GCVE-0-2021-37054)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Identity spoofing and authentication bypass vulnerability
Summary
There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Identity spoofing and authentication bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:42",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Identity spoofing and authentication bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37054",
"datePublished": "2021-12-08T14:12:42",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38997 (GCVE-0-2022-38997)
Vulnerability from cvelistv5
Published
2022-09-16 17:57
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:57:08",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38997",
"datePublished": "2022-09-16T17:57:08",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22438 (GCVE-0-2021-22438)
Vulnerability from cvelistv5
Published
2021-08-02 16:55
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:55:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause malicious code to be executed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22438",
"datePublished": "2021-08-02T16:55:27",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36991 (GCVE-0-2021-36991)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:37",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36991",
"datePublished": "2021-10-28T12:26:37",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38989 (GCVE-0-2022-38989)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:33",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38989",
"datePublished": "2022-09-16T17:56:33",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40038 (GCVE-0-2021-40038)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double free
Summary
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:38",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40038",
"datePublished": "2022-01-07T22:39:38",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37114 (GCVE-0-2021-37114)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read
Summary
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "Harmony OS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:28",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "Harmony OS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37114",
"datePublished": "2022-01-03T21:07:28",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36993 (GCVE-0-2021-36993)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leaks
Summary
There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leaks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:51",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory leaks vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leaks"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36993",
"datePublished": "2021-10-28T12:26:51",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22483 (GCVE-0-2021-22483)
Vulnerability from cvelistv5
Published
2021-10-28 12:24
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- IP address spoofing
Summary
There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:14.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "IP address spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:24:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IP address spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22483",
"datePublished": "2021-10-28T12:24:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:14.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39967 (GCVE-0-2021-39967)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2025-05-22 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper broadcast permission settings
Summary
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-39967",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T17:49:15.294292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:48:08.694Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper broadcast permission settings",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:41.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper broadcast permission settings"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39967",
"datePublished": "2022-01-03T21:07:41.000Z",
"dateReserved": "2021-08-23T00:00:00.000Z",
"dateUpdated": "2025-05-22T18:48:08.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40035 (GCVE-0-2021-40035)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability due to a boundary error with the Samba server
Summary
There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability due to a boundary error with the Samba server",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:36",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability due to a boundary error with the Samba server"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40035",
"datePublished": "2022-01-07T22:39:36",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22488 (GCVE-0-2021-22488)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defect
Summary
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22488",
"datePublished": "2021-10-28T12:25:17",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9147 (GCVE-0-2020-9147)
Vulnerability from cvelistv5
Published
2021-04-01 17:51
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Underwrite
Summary
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/cn/support/bulletin/2021/1 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0 Version: Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Underwrite",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-01T17:51:54",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Underwrite"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/cn/support/bulletin/2021/1",
"refsource": "MISC",
"url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9147",
"datePublished": "2021-04-01T17:51:54",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22369 (GCVE-0-2021-22369)
Vulnerability from cvelistv5
Published
2021-06-30 14:48
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Time-of-check Time-of-use (TOCTOU) Race Condition
Summary
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:48:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Time-of-check Time-of-use (TOCTOU) Race Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22369",
"datePublished": "2021-06-30T14:48:09",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40055 (GCVE-0-2021-40055)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Man-in-the-middle attack vulnerability
Summary
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Man-in-the-middle attack vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:50:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man-in-the-middle attack vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40055",
"datePublished": "2022-03-07T13:50:15",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31754 (GCVE-0-2022-31754)
Vulnerability from cvelistv5
Published
2022-06-13 15:06
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Logical defects vulnerability
Summary
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Logical defects vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:06:39",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logical defects vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31754",
"datePublished": "2022-06-13T15:06:39",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37001 (GCVE-0-2021-37001)
Vulnerability from cvelistv5
Published
2021-10-28 12:27
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write
Summary
There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:27:42",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37001",
"datePublished": "2021-10-28T12:27:42",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40047 (GCVE-0-2021-40047)
Vulnerability from cvelistv5
Published
2022-03-07 13:51
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Release of Resource after Effective Lifetime
Summary
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:51:07",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Release of Resource after Effective Lifetime"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40047",
"datePublished": "2022-03-07T13:51:07",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22413 (GCVE-0-2021-22413)
Vulnerability from cvelistv5
Published
2021-08-02 16:46
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow Vulnerability
Summary
There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
},
{
"status": "affected",
"version": "8.2"
},
{
"status": "affected",
"version": "8.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:46:57",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_value": "8.2"
},
{
"version_affected": "=",
"version_value": "8.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Integer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22413",
"datePublished": "2021-08-02T16:46:57",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39001 (GCVE-0-2022-39001)
Vulnerability from cvelistv5
Published
2022-09-16 17:57
Modified
2025-06-03 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Path traversal vulnerability
Summary
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-39001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T17:52:36.152822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T17:53:06.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:57:48.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-39001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-39001",
"datePublished": "2022-09-16T17:57:48.000Z",
"dateReserved": "2022-08-29T00:00:00.000Z",
"dateUpdated": "2025-06-03T17:53:06.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22317 (GCVE-0-2021-22317)
Vulnerability from cvelistv5
Published
2021-06-03 15:30
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure Vulnerability
Summary
There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/2/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T15:30:45",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22317",
"datePublished": "2021-06-03T15:30:45",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22371 (GCVE-0-2021-22371)
Vulnerability from cvelistv5
Published
2021-06-30 14:57
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Permission Management
Summary
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Permission Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:57:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Permission Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22371",
"datePublished": "2021-06-30T14:57:55",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22472 (GCVE-0-2021-22472)
Vulnerability from cvelistv5
Published
2021-10-28 12:22
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insufficiently聽Protected聽Credentials
Summary
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insufficiently\u807dProtected\u807dCredentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:22:37",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficiently\u807dProtected\u807dCredentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22472",
"datePublished": "2021-10-28T12:22:37",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36987 (GCVE-0-2021-36987)
Vulnerability from cvelistv5
Published
2021-10-28 12:25
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double Release
Summary
There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double Release",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:25:51",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Release"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36987",
"datePublished": "2021-10-28T12:25:51",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37033 (GCVE-0-2021-37033)
Vulnerability from cvelistv5
Published
2021-11-23 15:16
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Injection attack vulnerability
Summary
There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Injection attack vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:16:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Injection attack vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37033",
"datePublished": "2021-11-23T15:16:00",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22373 (GCVE-0-2021-22373)
Vulnerability from cvelistv5
Published
2021-06-30 14:04
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Defects Introduced in the Design Process
Summary
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Defects Introduced in the Design Process",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:04:17",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Defects Introduced in the Design Process"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22373",
"datePublished": "2021-06-30T14:04:17",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22254 (GCVE-0-2022-22254)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Permission bypass vulnerability
Summary
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permission bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:21",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22254",
"datePublished": "2022-04-11T19:38:21",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40052 (GCVE-0-2021-40052)
Vulnerability from cvelistv5
Published
2022-03-07 13:50
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect buffer size calculation vulnerability
Summary
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect buffer size calculation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:12:24",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect buffer size calculation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40052",
"datePublished": "2022-03-07T13:50:35",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38978 (GCVE-0-2022-38978)
Vulnerability from cvelistv5
Published
2022-09-16 17:56
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration defects
Summary
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:31.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:56:37",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-38978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
},
{
"version_affected": "=",
"version_value": "2.1"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-38978",
"datePublished": "2022-09-16T17:56:37",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:10:31.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22352 (GCVE-0-2021-22352)
Vulnerability from cvelistv5
Published
2021-06-30 20:23
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Configuration Defect
Summary
There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Configuration Defect",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T20:23:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Configuration Defect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22352",
"datePublished": "2021-06-30T20:23:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37051 (GCVE-0-2021-37051)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37051",
"datePublished": "2021-12-08T14:12:25",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37004 (GCVE-0-2022-37004)
Vulnerability from cvelistv5
Published
2022-08-09 20:10
Modified
2024-08-03 10:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-box experience bypass vulnerability
Summary
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:21:32.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-box experience bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:10:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-37004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-box experience bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-37004",
"datePublished": "2022-08-09T20:10:55",
"dateReserved": "2022-07-28T00:00:00",
"dateUpdated": "2024-08-03T10:21:32.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22316 (GCVE-0-2021-22316)
Vulnerability from cvelistv5
Published
2021-06-03 15:42
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Authentication for Critical Function
Summary
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/2/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device\u0027s data security and functional availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T15:42:58",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device\u0027s data security and functional availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/2/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22316",
"datePublished": "2021-06-03T15:42:58",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40045 (GCVE-0-2021-40045)
Vulnerability from cvelistv5
Published
2022-02-09 22:03
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Support for Integrity Check
Summary
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/2/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Support for Integrity Check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T22:03:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Support for Integrity Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/2/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40045",
"datePublished": "2022-02-09T22:03:55",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37053 (GCVE-0-2021-37053)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Service logic vulnerability
Summary
There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Service logic vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Service logic vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37053",
"datePublished": "2021-12-08T14:12:34",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22387 (GCVE-0-2021-22387)
Vulnerability from cvelistv5
Published
2021-08-02 16:42
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Control of Dynamically Managing Code Resources
Summary
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Control of Dynamically Managing Code Resources",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:42:51",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Control of Dynamically Managing Code Resources"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22387",
"datePublished": "2021-08-02T16:42:51",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37119 (GCVE-0-2021-37119)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Service logic
Summary
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "Harmony OS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Service logic",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:30",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "Harmony OS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Service logic"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37119",
"datePublished": "2022-01-03T21:07:30",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40026 (GCVE-0-2021-40026)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based buffer overflow
Summary
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40026",
"datePublished": "2022-01-07T22:39:34",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37110 (GCVE-0-2021-37110)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Timing design defects
Summary
There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;Harmony OS |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1 Version: Harmony OS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;Harmony OS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
},
{
"status": "affected",
"version": "Harmony OS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Timing design defects",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;Harmony OS",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1"
},
{
"version_value": "Harmony OS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Timing design defects"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37110",
"datePublished": "2022-01-03T21:07:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40031 (GCVE-0-2021-40031)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Null pointer dereference
Summary
There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null pointer dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:35",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Null pointer dereference vulnerability in the camera module in smartphones. Successful exploitation of this vulnerability may affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null pointer dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40031",
"datePublished": "2022-01-07T22:39:35",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37040 (GCVE-0-2021-37040)
Vulnerability from cvelistv5
Published
2021-12-08 14:11
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Parameter injection vulnerability
Summary
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.651Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Parameter injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:11:56",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parameter injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37040",
"datePublished": "2021-12-08T14:11:56",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22385 (GCVE-0-2021-22385)
Vulnerability from cvelistv5
Published
2021-08-10 13:04
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- External Control of System or Configuration Setting
Summary
A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI;HarmonyOS |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0 Version: HarmonyOS 2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI;HarmonyOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
},
{
"status": "affected",
"version": "HarmonyOS 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "External Control of System or Configuration Setting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-10T13:04:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI;HarmonyOS",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0"
},
{
"version_value": "HarmonyOS 2.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "External Control of System or Configuration Setting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22385",
"datePublished": "2021-08-10T13:04:34",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22414 (GCVE-0-2021-22414)
Vulnerability from cvelistv5
Published
2021-08-02 16:47
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Errors
Summary
There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
},
{
"status": "affected",
"version": "8.2"
},
{
"status": "affected",
"version": "8.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:47:23",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
},
{
"version_affected": "=",
"version_value": "8.2"
},
{
"version_affected": "=",
"version_value": "8.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22414",
"datePublished": "2021-08-02T16:47:23",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22381 (GCVE-0-2021-22381)
Vulnerability from cvelistv5
Published
2021-08-02 16:39
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:39:25",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22381",
"datePublished": "2021-08-02T16:39:25",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37047 (GCVE-0-2021-37047)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input verification vulnerability
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37047",
"datePublished": "2021-12-07T15:45:26",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36988 (GCVE-0-2021-36988)
Vulnerability from cvelistv5
Published
2021-10-28 12:26
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is a Parameter verification issue in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Parameter verification issue in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T12:26:15",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-36988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Parameter verification issue in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-36988",
"datePublished": "2021-10-28T12:26:15",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31760 (GCVE-0-2022-31760)
Vulnerability from cvelistv5
Published
2022-06-13 15:03
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Weaknesses Introduced During Design
Summary
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weaknesses Introduced During Design",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T15:03:55",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-31760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weaknesses Introduced During Design"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-31760",
"datePublished": "2022-06-13T15:03:55",
"dateReserved": "2022-05-27T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37074 (GCVE-0-2021-37074)
Vulnerability from cvelistv5
Published
2021-12-08 14:12
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Race Condition vulnerability
Summary
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race Condition vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:12:53",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race Condition vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37074",
"datePublished": "2021-12-08T14:12:53",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37032 (GCVE-0-2021-37032)
Vulnerability from cvelistv5
Published
2021-11-23 15:15
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Bypass vulnerability
Summary
There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:15:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37032",
"datePublished": "2021-11-23T15:15:29",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37038 (GCVE-0-2021-37038)
Vulnerability from cvelistv5
Published
2021-12-07 15:45
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper access control vulnerability
Summary
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T15:45:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37038",
"datePublished": "2021-12-07T15:45:07",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22391 (GCVE-0-2021-22391)
Vulnerability from cvelistv5
Published
2021-08-02 16:45
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect Calculation of Buffer Size
Summary
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:45:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22391",
"datePublished": "2021-08-02T16:45:01",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22353 (GCVE-0-2021-22353)
Vulnerability from cvelistv5
Published
2021-06-30 17:06
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Buffer Improper Operation Limit Vulnerability
Summary
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Buffer Improper Operation Limit Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T17:06:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Buffer Improper Operation Limit Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22353",
"datePublished": "2021-06-30T17:06:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22394 (GCVE-0-2021-22394)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer overflow vulnerability
Summary
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:06",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202108-0000001181125881"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22394",
"datePublished": "2022-02-25T18:11:06",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40020 (GCVE-0-2021-40020)
Vulnerability from cvelistv5
Published
2022-01-07 22:39
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds array read
Summary
There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/1/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:30.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds array read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-07T22:39:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds array read vulnerability in the security storage module in smartphones. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds array read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/1/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40020",
"datePublished": "2022-01-07T22:39:32",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:30.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37035 (GCVE-0-2021-37035)
Vulnerability from cvelistv5
Published
2021-11-23 15:16
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote DoS vulnerability
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote DoS vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:16:40",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote DoS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37035",
"datePublished": "2021-11-23T15:16:40",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46786 (GCVE-0-2021-46786)
Vulnerability from cvelistv5
Published
2022-05-13 15:02
Modified
2024-08-04 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds memory access vulnerability
Summary
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/5/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds memory access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-13T15:02:16",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-46786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds memory access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-46786",
"datePublished": "2022-05-13T15:02:16",
"dateReserved": "2022-04-25T00:00:00",
"dateUpdated": "2024-08-04T05:17:42.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22444 (GCVE-0-2021-22444)
Vulnerability from cvelistv5
Published
2021-08-02 17:00
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T17:00:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22444",
"datePublished": "2021-08-02T17:00:01",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34742 (GCVE-0-2022-34742)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Read/Write vulnerability
Summary
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC | |
| https://consumer.huawei.com/en/support/bulletin/2022/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Read/Write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-09T20:11:50",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Read/Write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
},
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34742",
"datePublished": "2022-07-11T13:53:29",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37039 (GCVE-0-2021-37039)
Vulnerability from cvelistv5
Published
2021-12-08 14:11
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input verification vulnerability
Summary
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/9/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input verification vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-08T14:11:51",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input verification vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/9/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37039",
"datePublished": "2021-12-08T14:11:51",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40063 (GCVE-0-2021-40063)
Vulnerability from cvelistv5
Published
2022-03-07 13:49
Modified
2024-08-04 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper access control vulnerability
Summary
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/3/ | x_refsource_MISC | |
| https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T13:49:26",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-40063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
},
{
"name": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193",
"refsource": "MISC",
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-40063",
"datePublished": "2022-03-07T13:49:26",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22374 (GCVE-0-2021-22374)
Vulnerability from cvelistv5
Published
2021-06-30 14:42
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Validation of Array Index
Summary
There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/5/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1 Version: Magic UI 4.0.0,Magic UI 3.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Validation of Array Index",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-30T14:42:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Validation of Array Index"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/5/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/5/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22374",
"datePublished": "2021-06-30T14:42:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22445 (GCVE-0-2021-22445)
Vulnerability from cvelistv5
Published
2021-08-02 17:39
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T17:39:34",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22445",
"datePublished": "2021-08-02T17:39:34",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22336 (GCVE-0-2021-22336)
Vulnerability from cvelistv5
Published
2021-06-03 16:30
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Control of Generation of Code
Summary
There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/4/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0 Version: Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Control of Generation of Code",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T16:30:27",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0"
},
{
"version_value": "Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Control of Generation of Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22336",
"datePublished": "2021-06-03T16:30:27",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37103 (GCVE-0-2021-37103)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper permission management vulnerability
Summary
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper permission management vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:13",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper permission management vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37103",
"datePublished": "2022-02-25T18:11:13",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22253 (GCVE-0-2022-22253)
Vulnerability from cvelistv5
Published
2022-04-11 19:38
Modified
2024-08-03 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper validation of integrity check values Vulnerability
Summary
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/4/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper validation of integrity check values Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-11T19:38:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-22253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper validation of integrity check values Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/4/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-22253",
"datePublished": "2022-04-11T19:38:22",
"dateReserved": "2021-12-22T00:00:00",
"dateUpdated": "2024-08-03T03:07:50.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36600 (GCVE-0-2020-36600)
Vulnerability from cvelistv5
Published
2022-09-16 17:58
Modified
2024-08-04 17:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/9/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:30:08.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T17:58:09",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-36600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/9/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-36600",
"datePublished": "2022-09-16T17:58:09",
"dateReserved": "2022-08-24T00:00:00",
"dateUpdated": "2024-08-04T17:30:08.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-34743 (GCVE-0-2022-34743)
Vulnerability from cvelistv5
Published
2022-07-11 13:53
Modified
2024-08-03 09:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2022/7/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:09.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "12.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:53:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2022-34743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "12.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2022/7/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2022-34743",
"datePublished": "2022-07-11T13:53:04",
"dateReserved": "2022-06-28T00:00:00",
"dateUpdated": "2024-08-03T09:22:09.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22415 (GCVE-0-2021-22415)
Vulnerability from cvelistv5
Published
2021-08-02 16:48
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Incorrect Calculation of Buffer Size
Summary
There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:48:38",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Incorrect Calculation of Buffer Size Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause kernel exceptions with the code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22415",
"datePublished": "2021-08-02T16:48:38",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39974 (GCVE-0-2021-39974)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read
Summary
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/11/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:20:34.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "3.1.0"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-39974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "10.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.0"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/11/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-39974",
"datePublished": "2022-01-03T21:07:44",
"dateReserved": "2021-08-23T00:00:00",
"dateUpdated": "2024-08-04T02:20:34.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22430 (GCVE-0-2021-22430)
Vulnerability from cvelistv5
Published
2022-02-25 18:11
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Logic bypass vulnerability
Summary
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
},
{
"product": "HarmonyOS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Logic bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-25T18:11:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
},
{
"product_name": "HarmonyOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Logic bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202107-0000001170634565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22430",
"datePublished": "2022-02-25T18:11:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:13.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37117 (GCVE-0-2021-37117)
Vulnerability from cvelistv5
Published
2022-01-03 21:07
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Service logic
Summary
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/10/ | x_refsource_MISC | |
| https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
}
]
},
{
"product": "Harmony OS",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Service logic",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-03T21:07:29",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.1"
},
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
}
]
}
},
{
"product_name": "Harmony OS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Service logic"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/10/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/10/"
},
{
"name": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526",
"refsource": "MISC",
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202110-0000001162998526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37117",
"datePublished": "2022-01-03T21:07:29",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9138 (GCVE-0-2020-9138)
Vulnerability from cvelistv5
Published
2021-01-13 22:00
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based Buffer Overflow
Summary
There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Version: Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:00:00",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0"
},
{
"version_value": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9138",
"datePublished": "2021-01-13T22:00:00",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22322 (GCVE-0-2021-22322)
Vulnerability from cvelistv5
Published
2021-06-03 15:49
Modified
2024-08-03 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Authentication for Critical Function
Summary
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/3/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 11.0.0 Version: Magic UI 4.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 11.0.0"
},
{
"status": "affected",
"version": "Magic UI 4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T15:49:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 11.0.0"
},
{
"version_value": "Magic UI 4.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/3/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22322",
"datePublished": "2021-06-03T15:49:12",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37031 (GCVE-0-2021-37031)
Vulnerability from cvelistv5
Published
2021-11-23 15:15
Modified
2024-08-04 01:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote DoS vulnerability
Summary
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/8/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote DoS vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T15:15:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote DoS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/8/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/8/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37031",
"datePublished": "2021-11-23T15:15:05",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:09:07.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9145 (GCVE-0-2020-9145)
Vulnerability from cvelistv5
Published
2021-01-13 19:40
Modified
2024-08-04 10:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write
Summary
There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2020/12/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | EMUI;Magic UI |
Version: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0 Version: Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:19:20.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI;Magic UI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"status": "affected",
"version": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T19:40:05",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-9145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI;Magic UI",
"version": {
"version_data": [
{
"version_value": "EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0"
},
{
"version_value": "Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2020/12/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-9145",
"datePublished": "2021-01-13T19:40:05",
"dateReserved": "2020-02-18T00:00:00",
"dateUpdated": "2024-08-04T10:19:20.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22443 (GCVE-0-2021-22443)
Vulnerability from cvelistv5
Published
2021-08-02 16:58
Modified
2024-08-03 18:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Input Verification Vulnerability
Summary
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://consumer.huawei.com/en/support/bulletin/2021/6/ | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EMUI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "11.0.0"
},
{
"status": "affected",
"version": "10.1.1"
},
{
"status": "affected",
"version": "10.1.0"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "9.1.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
},
{
"product": "Magic UI",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "2.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Verification Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-02T16:58:41",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EMUI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.0.0"
},
{
"version_affected": "=",
"version_value": "10.1.1"
},
{
"version_affected": "=",
"version_value": "10.1.0"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "9.1.1"
},
{
"version_affected": "=",
"version_value": "9.1.0"
}
]
}
},
{
"product_name": "Magic UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.0"
},
{
"version_affected": "=",
"version_value": "3.1.1"
},
{
"version_affected": "=",
"version_value": "3.1.0"
},
{
"version_affected": "=",
"version_value": "3.0.0"
},
{
"version_affected": "=",
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Verification Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://consumer.huawei.com/en/support/bulletin/2021/6/",
"refsource": "MISC",
"url": "https://consumer.huawei.com/en/support/bulletin/2021/6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22443",
"datePublished": "2021-08-02T16:58:41",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}