Sign-up

ID

VAR-202211-0452


CVE

CVE-2021-46851


TITLE

Huawei  of  EMUI  and  HarmonyOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-020635

DESCRIPTION

The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback. Huawei of EMUI and HarmonyOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2021-46851 // JVNDB: JVNDB-2022-020635 // VULHUB: VHN-430159

AFFECTED PRODUCTS

vendor:huaweimodel:emuiscope:eqversion:12.0.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope:eqversion:2.0

Trust: 1.0

vendor:huaweimodel:harmonyosscope: - version: -

Trust: 0.8

vendor:huaweimodel:emuiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020635 // NVD: CVE-2021-46851

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-46851
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-46851
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202211-2138
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2021-46851
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-46851
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020635 // CNNVD: CNNVD-202211-2138 // NVD: CVE-2021-46851

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-020635 // NVD: CVE-2021-46851

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2138

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202211-2138

PATCH

title:Huawei HarmonyOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=213975

Trust: 0.6

sources: CNNVD: CNNVD-202211-2138

EXTERNAL IDS

db:NVDid:CVE-2021-46851

Trust: 3.3

db:JVNDBid:JVNDB-2022-020635

Trust: 0.8

db:CNNVDid:CNNVD-202211-2138

Trust: 0.6

db:VULHUBid:VHN-430159

Trust: 0.1

sources: VULHUB: VHN-430159 // JVNDB: JVNDB-2022-020635 // CNNVD: CNNVD-202211-2138 // NVD: CVE-2021-46851

REFERENCES

url:https://consumer.huawei.com/en/support/bulletin/2022/11/

Trust: 2.5

url:https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-46851

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2021-46851/

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202211-0000001440896653

Trust: 0.6

sources: VULHUB: VHN-430159 // JVNDB: JVNDB-2022-020635 // CNNVD: CNNVD-202211-2138 // NVD: CVE-2021-46851

SOURCES

db:VULHUBid:VHN-430159
db:JVNDBid:JVNDB-2022-020635
db:CNNVDid:CNNVD-202211-2138
db:NVDid:CVE-2021-46851

LAST UPDATE DATE

2024-08-14T14:49:30.963000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-430159date:2022-11-10T00:00:00
db:JVNDBid:JVNDB-2022-020635date:2023-11-02T08:06:00
db:CNNVDid:CNNVD-202211-2138date:2022-11-14T00:00:00
db:NVDid:CVE-2021-46851date:2022-11-10T19:26:24.317

SOURCES RELEASE DATE

db:VULHUBid:VHN-430159date:2022-11-09T00:00:00
db:JVNDBid:JVNDB-2022-020635date:2023-11-02T00:00:00
db:CNNVDid:CNNVD-202211-2138date:2022-11-05T00:00:00
db:NVDid:CVE-2021-46851date:2022-11-09T21:15:12.877