Sign-up

ID

VAR-202106-1930


CVE

CVE-2021-22308


TITLE

Huawei  Vulnerability in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2021-007562

DESCRIPTION

There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage. Huawei There are unspecified vulnerabilities in smartphones.Information may be obtained. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company

Trust: 1.71

sources: NVD: CVE-2021-22308 // JVNDB: JVNDB-2021-007562 // VULHUB: VHN-380743

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:11.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:4.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.1

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.0

Trust: 1.0

vendor:huaweimodel:magic uiscope: - version: -

Trust: 0.8

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-007562 // NVD: CVE-2021-22308

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22308
value: LOW

Trust: 1.0

NVD: CVE-2021-22308
value: LOW

Trust: 0.8

CNNVD: CNNVD-202106-230
value: LOW

Trust: 0.6

VULHUB: VHN-380743
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-22308
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-380743
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-22308
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2021-22308
baseSeverity: LOW
baseScore: 3.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-380743 // JVNDB: JVNDB-2021-007562 // CNNVD: CNNVD-202106-230 // NVD: CVE-2021-22308

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-007562 // NVD: CVE-2021-22308

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202106-230

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202106-230

PATCH

title:Huawei EMUI/Magic UI security updates February 2021url:https://consumer.huawei.com/en/support/bulletin/2021/2/

Trust: 0.8

title:Repair measures for vulnerabilities in processing logic errors in Huawei smartphonesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=153892

Trust: 0.6

sources: JVNDB: JVNDB-2021-007562 // CNNVD: CNNVD-202106-230

EXTERNAL IDS

db:NVDid:CVE-2021-22308

Trust: 3.3

db:JVNDBid:JVNDB-2021-007562

Trust: 0.8

db:CNNVDid:CNNVD-202106-230

Trust: 0.7

db:VULHUBid:VHN-380743

Trust: 0.1

sources: VULHUB: VHN-380743 // JVNDB: JVNDB-2021-007562 // CNNVD: CNNVD-202106-230 // NVD: CVE-2021-22308

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2021/2/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-22308

Trust: 0.8

sources: VULHUB: VHN-380743 // JVNDB: JVNDB-2021-007562 // CNNVD: CNNVD-202106-230 // NVD: CVE-2021-22308

SOURCES

db:VULHUBid:VHN-380743
db:JVNDBid:JVNDB-2021-007562
db:CNNVDid:CNNVD-202106-230
db:NVDid:CVE-2021-22308

LAST UPDATE DATE

2024-08-14T13:43:27.906000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-380743date:2022-05-03T00:00:00
db:JVNDBid:JVNDB-2021-007562date:2022-02-17T05:09:00
db:CNNVDid:CNNVD-202106-230date:2022-05-06T00:00:00
db:NVDid:CVE-2021-22308date:2022-05-03T16:04:40.443

SOURCES RELEASE DATE

db:VULHUBid:VHN-380743date:2021-06-03T00:00:00
db:JVNDBid:JVNDB-2021-007562date:2022-02-17T00:00:00
db:CNNVDid:CNNVD-202106-230date:2021-06-03T00:00:00
db:NVDid:CVE-2021-22308date:2021-06-03T16:15:10.753