Details of VAR-202205-1188

ID

VAR-202205-1188

CVE

CVE-2021-46789

TITLE

Huawei of EMUI and Magic UI Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-009691

DESCRIPTION

Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android

Trust: 1.8

sources: NVD: CVE-2021-46789 // JVNDB: JVNDB-2022-009691 // VULHUB: VHN-419301 // VULMON: CVE-2021-46789

AFFECTED PRODUCTS

vendor:	huawei	model:	emui	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.1	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	11.0.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	magic ui	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-009691 // NVD: CVE-2021-46789

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-46789
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-46789
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202205-3330
value:	HIGH
Trust: 0.6
VULHUB:	VHN-419301
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-46789
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-419301
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-46789
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-46789
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-419301 // JVNDB: JVNDB-2022-009691 // CNNVD: CNNVD-202205-3330 // NVD: CVE-2021-46789

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-009691 // NVD: CVE-2021-46789

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-3330

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202205-3330

PATCH

title:

HUAWEI EMUI Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193836

Trust: 0.6

sources: CNNVD: CNNVD-202205-3330

EXTERNAL IDS

db:	NVD	id:	CVE-2021-46789	Trust: 3.4
db:	JVNDB	id:	JVNDB-2022-009691	Trust: 0.8
db:	CNNVD	id:	CNNVD-202205-3330	Trust: 0.7
db:	CNVD	id:	CNVD-2022-43212	Trust: 0.1
db:	VULHUB	id:	VHN-419301	Trust: 0.1
db:	VULMON	id:	CVE-2021-46789	Trust: 0.1

sources: VULHUB: VHN-419301 // VULMON: CVE-2021-46789 // JVNDB: JVNDB-2022-009691 // CNNVD: CNNVD-202205-3330 // NVD: CVE-2021-46789

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2022/5/	Trust: 2.6
url:	https://consumer.huawei.com/en/support/bulletin/2022/6/	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-46789	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2021-46789/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-419301 // VULMON: CVE-2021-46789 // JVNDB: JVNDB-2022-009691 // CNNVD: CNNVD-202205-3330 // NVD: CVE-2021-46789

SOURCES

db:	VULHUB	id:	VHN-419301
db:	VULMON	id:	CVE-2021-46789
db:	JVNDB	id:	JVNDB-2022-009691
db:	CNNVD	id:	CNNVD-202205-3330
db:	NVD	id:	CVE-2021-46789

LAST UPDATE DATE

2024-08-14T15:00:58.450000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-419301	date:	2023-02-01T00:00:00
db:	VULMON	id:	CVE-2021-46789	date:	2022-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2022-009691	date:	2023-08-07T08:15:00
db:	CNNVD	id:	CNNVD-202205-3330	date:	2022-06-14T00:00:00
db:	NVD	id:	CVE-2021-46789	date:	2023-02-01T14:19:39.810

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-419301	date:	2022-05-13T00:00:00
db:	VULMON	id:	CVE-2021-46789	date:	2022-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2022-009691	date:	2023-08-07T00:00:00
db:	CNNVD	id:	CNNVD-202205-3330	date:	2022-05-13T00:00:00
db:	NVD	id:	CVE-2021-46789	date:	2022-05-13T15:15:08.617