Sign-up

ID

VAR-202209-0200


CVE

CVE-2021-40024


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-020314

DESCRIPTION

Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS 2.0

Trust: 1.8

sources: NVD: CVE-2021-40024 // JVNDB: JVNDB-2021-020314 // VULHUB: VHN-401425 // VULMON: CVE-2021-40024

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.1

Trust: 1.0

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-020314 // NVD: CVE-2021-40024

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40024
value: HIGH

Trust: 1.0

NVD: CVE-2021-40024
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202209-217
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-40024
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2021-40024
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2021-020314 // CNNVD: CNNVD-202209-217 // NVD: CVE-2021-40024

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-020314 // NVD: CVE-2021-40024

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-217

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-217

PATCH

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=208411

Trust: 0.6

sources: CNNVD: CNNVD-202209-217

EXTERNAL IDS

db:NVDid:CVE-2021-40024

Trust: 3.4

db:JVNDBid:JVNDB-2021-020314

Trust: 0.8

db:CNNVDid:CNNVD-202209-217

Trust: 0.7

db:CNVDid:CNVD-2022-81254

Trust: 0.1

db:VULHUBid:VHN-401425

Trust: 0.1

db:VULMONid:CVE-2021-40024

Trust: 0.1

sources: VULHUB: VHN-401425 // VULMON: CVE-2021-40024 // JVNDB: JVNDB-2021-020314 // CNNVD: CNNVD-202209-217 // NVD: CVE-2021-40024

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/9/

Trust: 2.6

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845

Trust: 2.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-40024

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-40024/

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-401425 // VULMON: CVE-2021-40024 // JVNDB: JVNDB-2021-020314 // CNNVD: CNNVD-202209-217 // NVD: CVE-2021-40024

SOURCES

db:VULHUBid:VHN-401425
db:VULMONid:CVE-2021-40024
db:JVNDBid:JVNDB-2021-020314
db:CNNVDid:CNNVD-202209-217
db:NVDid:CVE-2021-40024

LAST UPDATE DATE

2024-08-14T15:37:27.095000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401425date:2022-09-20T00:00:00
db:VULMONid:CVE-2021-40024date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2021-020314date:2023-10-11T08:55:00
db:CNNVDid:CNNVD-202209-217date:2022-09-21T00:00:00
db:NVDid:CVE-2021-40024date:2022-09-20T16:58:52.297

SOURCES RELEASE DATE

db:VULHUBid:VHN-401425date:2022-09-16T00:00:00
db:VULMONid:CVE-2021-40024date:2022-09-16T00:00:00
db:JVNDBid:JVNDB-2021-020314date:2023-10-11T00:00:00
db:CNNVDid:CNNVD-202209-217date:2022-09-05T00:00:00
db:NVDid:CVE-2021-40024date:2022-09-16T18:15:11.580