Details of VAR-202207-0132

ID

VAR-202207-0132

CVE

CVE-2021-46741

TITLE

HUAWEI HarmonyOS Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202207-409

DESCRIPTION

The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

Trust: 1.08

sources: NVD: CVE-2021-46741 // VULHUB: VHN-418650 // VULMON: CVE-2021-46741

AFFECTED PRODUCTS

vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	huawei	model:	harmonyos	scope:	eq	version:	2.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	huawei	model:	magic ui	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	12.0.0	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	10.1.1	Trust: 1.0
vendor:	huawei	model:	emui	scope:	eq	version:	11.0.1	Trust: 1.0

sources: NVD: CVE-2021-46741

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-46741
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202207-409
value:	HIGH
Trust: 0.6
VULHUB:	VHN-418650
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-46741
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-46741
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-418650
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-46741
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-418650 // VULMON: CVE-2021-46741 // CNNVD: CNNVD-202207-409 // NVD: CVE-2021-46741

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-46741

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202207-409

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202207-409

PATCH

title:

HUAWEI HarmonyOS Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=200693

Trust: 0.6

sources: CNNVD: CNNVD-202207-409

EXTERNAL IDS

db:	NVD	id:	CVE-2021-46741	Trust: 1.8
db:	CNNVD	id:	CNNVD-202207-409	Trust: 0.7
db:	CNVD	id:	CNVD-2022-57613	Trust: 0.1
db:	VULHUB	id:	VHN-418650	Trust: 0.1
db:	VULMON	id:	CVE-2021-46741	Trust: 0.1

sources: VULHUB: VHN-418650 // VULMON: CVE-2021-46741 // CNNVD: CNNVD-202207-409 // NVD: CVE-2021-46741

REFERENCES

url:	https://consumer.huawei.com/en/support/bulletin/2022/7/	Trust: 1.8
url:	https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202207-0000001342389149	Trust: 1.8
url:	https://consumer.huawei.com/en/support/bulletin/2022/8/	Trust: 1.7
url:	https://cxsecurity.com/cveshow/cve-2021-46741/	Trust: 0.6
url:	https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202207-0000001289909300	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-418650 // VULMON: CVE-2021-46741 // CNNVD: CNNVD-202207-409 // NVD: CVE-2021-46741

SOURCES

db:	VULHUB	id:	VHN-418650
db:	VULMON	id:	CVE-2021-46741
db:	CNNVD	id:	CNNVD-202207-409
db:	NVD	id:	CVE-2021-46741

LAST UPDATE DATE

2024-08-14T15:00:55.135000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-418650	date:	2022-12-12T00:00:00
db:	VULMON	id:	CVE-2021-46741	date:	2022-07-18T00:00:00
db:	CNNVD	id:	CNNVD-202207-409	date:	2022-08-11T00:00:00
db:	NVD	id:	CVE-2021-46741	date:	2022-12-12T21:08:02.043

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-418650	date:	2022-07-12T00:00:00
db:	VULMON	id:	CVE-2021-46741	date:	2022-07-12T00:00:00
db:	CNNVD	id:	CNNVD-202207-409	date:	2022-07-05T00:00:00
db:	NVD	id:	CVE-2021-46741	date:	2022-07-12T14:15:14.857