Sign-up

ID

VAR-202110-1418


CVE

CVE-2021-22403


TITLE

Huawei  Vulnerabilities in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2021-014459

DESCRIPTION

There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands. Huawei Smartphones have unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-22403 // JVNDB: JVNDB-2021-014459 // VULHUB: VHN-380838

AFFECTED PRODUCTS

vendor:huaweimodel:magic uiscope:eqversion:3.1.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:9.1.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:2.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:9.1.1

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:11.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:4.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:magic uiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014459 // NVD: CVE-2021-22403

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-22403
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-22403
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202110-2034
value: CRITICAL

Trust: 0.6

VULHUB: VHN-380838
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-22403
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-380838
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-22403
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-22403
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-380838 // JVNDB: JVNDB-2021-014459 // CNNVD: CNNVD-202110-2034 // NVD: CVE-2021-22403

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014459 // NVD: CVE-2021-22403

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-2034

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-2034

PATCH

title:HUAWEI EMUI/Magic UI security updates July 2021url:https://consumer.huawei.com/en/support/bulletin/2021/7/

Trust: 0.8

title:Huawei Smartphone Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168385

Trust: 0.6

sources: JVNDB: JVNDB-2021-014459 // CNNVD: CNNVD-202110-2034

EXTERNAL IDS

db:NVDid:CVE-2021-22403

Trust: 3.3

db:JVNDBid:JVNDB-2021-014459

Trust: 0.8

db:CNNVDid:CNNVD-202110-2034

Trust: 0.6

db:VULHUBid:VHN-380838

Trust: 0.1

sources: VULHUB: VHN-380838 // JVNDB: JVNDB-2021-014459 // CNNVD: CNNVD-202110-2034 // NVD: CVE-2021-22403

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2021/7/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-22403

Trust: 0.8

sources: VULHUB: VHN-380838 // JVNDB: JVNDB-2021-014459 // CNNVD: CNNVD-202110-2034 // NVD: CVE-2021-22403

SOURCES

db:VULHUBid:VHN-380838
db:JVNDBid:JVNDB-2021-014459
db:CNNVDid:CNNVD-202110-2034
db:NVDid:CVE-2021-22403

LAST UPDATE DATE

2024-08-14T14:37:51.054000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-380838date:2021-11-02T00:00:00
db:JVNDBid:JVNDB-2021-014459date:2022-10-19T03:59:00
db:CNNVDid:CNNVD-202110-2034date:2021-11-03T00:00:00
db:NVDid:CVE-2021-22403date:2021-11-02T14:41:12.773

SOURCES RELEASE DATE

db:VULHUBid:VHN-380838date:2021-10-28T00:00:00
db:JVNDBid:JVNDB-2021-014459date:2022-10-19T00:00:00
db:CNNVDid:CNNVD-202110-2034date:2021-10-28T00:00:00
db:NVDid:CVE-2021-22403date:2021-10-28T13:15:08.530