Sign-up

ID

VAR-202112-0355


CVE

CVE-2021-37037


TITLE

plural  Huawei  Vulnerabilities in smartphone products

Trust: 0.8

sources: JVNDB: JVNDB-2021-015889

DESCRIPTION

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart. plural Huawei Smartphone products have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-37037 // JVNDB: JVNDB-2021-015889 // VULHUB: VHN-398870

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:11.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:4.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:ltversion:2.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.1

Trust: 1.0

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

vendor:huaweimodel:magic uiscope: - version: -

Trust: 0.8

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-015889 // NVD: CVE-2021-37037

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-37037
value: HIGH

Trust: 1.0

NVD: CVE-2021-37037
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202109-2049
value: HIGH

Trust: 0.6

VULHUB: VHN-398870
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-37037
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-398870
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-37037
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-37037
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-398870 // JVNDB: JVNDB-2021-015889 // CNNVD: CNNVD-202109-2049 // NVD: CVE-2021-37037

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-015889 // NVD: CVE-2021-37037

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202109-2049

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202109-2049

PATCH

title:Invalid address access vulnerability in some HUAWEI devicesurl:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727

Trust: 0.8

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=173802

Trust: 0.6

sources: JVNDB: JVNDB-2021-015889 // CNNVD: CNNVD-202109-2049

EXTERNAL IDS

db:NVDid:CVE-2021-37037

Trust: 3.3

db:JVNDBid:JVNDB-2021-015889

Trust: 0.8

db:CNNVDid:CNNVD-202109-2049

Trust: 0.6

db:VULHUBid:VHN-398870

Trust: 0.1

sources: VULHUB: VHN-398870 // JVNDB: JVNDB-2021-015889 // CNNVD: CNNVD-202109-2049 // NVD: CVE-2021-37037

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2021/9/

Trust: 1.7

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-37037

Trust: 0.8

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202109-0000001196270727

Trust: 0.6

sources: VULHUB: VHN-398870 // JVNDB: JVNDB-2021-015889 // CNNVD: CNNVD-202109-2049 // NVD: CVE-2021-37037

SOURCES

db:VULHUBid:VHN-398870
db:JVNDBid:JVNDB-2021-015889
db:CNNVDid:CNNVD-202109-2049
db:NVDid:CVE-2021-37037

LAST UPDATE DATE

2024-08-14T14:31:29.628000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-398870date:2021-12-09T00:00:00
db:JVNDBid:JVNDB-2021-015889date:2022-12-01T07:34:00
db:CNNVDid:CNNVD-202109-2049date:2021-12-10T00:00:00
db:NVDid:CVE-2021-37037date:2021-12-09T17:51:40.283

SOURCES RELEASE DATE

db:VULHUBid:VHN-398870date:2021-12-08T00:00:00
db:JVNDBid:JVNDB-2021-015889date:2022-12-01T00:00:00
db:CNNVDid:CNNVD-202109-2049date:2021-09-05T00:00:00
db:NVDid:CVE-2021-37037date:2021-12-08T15:15:09.147