Sign-up

ID

VAR-202202-0419


CVE

CVE-2021-40044


TITLE

EMUI  and  Magic UI  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-005384

DESCRIPTION

There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations. EMUI and Magic UI Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei Emui is an Android-based mobile operating system developed by China's Huawei (Huawei)

Trust: 1.71

sources: NVD: CVE-2021-40044 // JVNDB: JVNDB-2022-005384 // VULHUB: VHN-401445

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:11.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:4.0.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.0

Trust: 1.0

vendor:huaweimodel:magic uiscope:eqversion:3.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:10.1.1

Trust: 1.0

vendor:huaweimodel:emuiscope:eqversion:11.0.1

Trust: 1.0

vendor:huaweimodel:magic uiscope: - version: -

Trust: 0.8

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-005384 // NVD: CVE-2021-40044

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40044
value: HIGH

Trust: 1.0

NVD: CVE-2021-40044
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202202-861
value: HIGH

Trust: 0.6

VULHUB: VHN-401445
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-40044
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-401445
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-40044
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-40044
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-401445 // JVNDB: JVNDB-2022-005384 // CNNVD: CNNVD-202202-861 // NVD: CVE-2021-40044

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-005384 // NVD: CVE-2021-40044

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202202-861

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202202-861

PATCH

title:HUAWEI EMUI/Magic UI security updates February 2022url:https://consumer.huawei.com/en/support/bulletin/2022/2/

Trust: 0.8

title:Huawei EMUI Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=184121

Trust: 0.6

sources: JVNDB: JVNDB-2022-005384 // CNNVD: CNNVD-202202-861

EXTERNAL IDS

db:NVDid:CVE-2021-40044

Trust: 3.3

db:JVNDBid:JVNDB-2022-005384

Trust: 0.8

db:CNNVDid:CNNVD-202202-861

Trust: 0.6

db:CNVDid:CNVD-2022-12804

Trust: 0.1

db:VULHUBid:VHN-401445

Trust: 0.1

sources: VULHUB: VHN-401445 // JVNDB: JVNDB-2022-005384 // CNNVD: CNNVD-202202-861 // NVD: CVE-2021-40044

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/2/

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-40044

Trust: 1.4

sources: VULHUB: VHN-401445 // JVNDB: JVNDB-2022-005384 // CNNVD: CNNVD-202202-861 // NVD: CVE-2021-40044

SOURCES

db:VULHUBid:VHN-401445
db:JVNDBid:JVNDB-2022-005384
db:CNNVDid:CNNVD-202202-861
db:NVDid:CVE-2021-40044

LAST UPDATE DATE

2024-08-14T13:22:41.252000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401445date:2022-07-12T00:00:00
db:JVNDBid:JVNDB-2022-005384date:2023-05-30T04:49:00
db:CNNVDid:CNNVD-202202-861date:2022-07-14T00:00:00
db:NVDid:CVE-2021-40044date:2022-07-12T17:42:04.277

SOURCES RELEASE DATE

db:VULHUBid:VHN-401445date:2022-02-09T00:00:00
db:JVNDBid:JVNDB-2022-005384date:2023-05-30T00:00:00
db:CNNVDid:CNNVD-202202-861date:2022-02-09T00:00:00
db:NVDid:CVE-2021-40044date:2022-02-09T23:15:16.357