Sign-up

ID

VAR-202205-0439


CVE

CVE-2021-46785


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-009695

DESCRIPTION

The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system

Trust: 1.8

sources: NVD: CVE-2021-46785 // JVNDB: JVNDB-2022-009695 // VULHUB: VHN-419297 // VULMON: CVE-2021-46785

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-009695 // NVD: CVE-2021-46785

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-46785
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-46785
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202205-2544
value: MEDIUM

Trust: 0.6

VULHUB: VHN-419297
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-46785
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-419297
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-46785
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2021-46785
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-419297 // JVNDB: JVNDB-2022-009695 // CNNVD: CNNVD-202205-2544 // NVD: CVE-2021-46785

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-009695 // NVD: CVE-2021-46785

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-2544

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202205-2544

PATCH

title:HUAWEI HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192868

Trust: 0.6

sources: CNNVD: CNNVD-202205-2544

EXTERNAL IDS

db:NVDid:CVE-2021-46785

Trust: 3.4

db:JVNDBid:JVNDB-2022-009695

Trust: 0.8

db:CNNVDid:CNNVD-202205-2544

Trust: 0.6

db:CNVDid:CNVD-2022-41788

Trust: 0.1

db:VULHUBid:VHN-419297

Trust: 0.1

db:VULMONid:CVE-2021-46785

Trust: 0.1

sources: VULHUB: VHN-419297 // VULMON: CVE-2021-46785 // JVNDB: JVNDB-2022-009695 // CNNVD: CNNVD-202205-2544 // NVD: CVE-2021-46785

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/5/

Trust: 2.6

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202205-0000001245813162

Trust: 2.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-46785

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-46785/

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202205-0000001292610341

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-419297 // VULMON: CVE-2021-46785 // JVNDB: JVNDB-2022-009695 // CNNVD: CNNVD-202205-2544 // NVD: CVE-2021-46785

SOURCES

db:VULHUBid:VHN-419297
db:VULMONid:CVE-2021-46785
db:JVNDBid:JVNDB-2022-009695
db:CNNVDid:CNNVD-202205-2544
db:NVDid:CVE-2021-46785

LAST UPDATE DATE

2024-08-14T14:10:50.267000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-419297date:2022-07-12T00:00:00
db:VULMONid:CVE-2021-46785date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-009695date:2023-08-07T08:16:00
db:CNNVDid:CNNVD-202205-2544date:2022-07-14T00:00:00
db:NVDid:CVE-2021-46785date:2022-07-12T17:42:04.277

SOURCES RELEASE DATE

db:VULHUBid:VHN-419297date:2022-05-13T00:00:00
db:VULMONid:CVE-2021-46785date:2022-05-13T00:00:00
db:JVNDBid:JVNDB-2022-009695date:2023-08-07T00:00:00
db:CNNVDid:CNNVD-202205-2544date:2022-05-05T00:00:00
db:NVDid:CVE-2021-46785date:2022-05-13T15:15:08.410