Search

Find a vulnerability

Search criteria

    676 vulnerabilities found for Magic UI by Huawei

    VAR-202208-0562

    Vulnerability from variot - Updated: 2026-03-07 23:56

    The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          }
        ]
      },
      "cve": "CVE-2022-37007",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37007",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-37007",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37007",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37007",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37007",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2402",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427491"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37007",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427491",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          }
        ]
      },
      "id": "VAR-202208-0562",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427491"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:56:34.774000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI HarmonyOS Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204372"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.1
          },
          {
            "problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37007"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37007/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427491"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427491",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37007",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427491",
            "ident": null
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2402",
            "ident": null
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014549",
            "ident": null
          },
          {
            "date": "2022-08-10T20:16:04.797000",
            "db": "NVD",
            "id": "CVE-2022-37007",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427491",
            "ident": null
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2402",
            "ident": null
          },
          {
            "date": "2023-09-20T08:29:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014549",
            "ident": null
          },
          {
            "date": "2026-03-06T20:16:11.130000",
            "db": "NVD",
            "id": "CVE-2022-37007",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014549"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2402"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0784

    Vulnerability from variot - Updated: 2026-03-07 23:52

    The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          }
        ]
      },
      "cve": "CVE-2022-37004",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37004",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-37004",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37004",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37004",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37004",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2398",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427495"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37004",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427495",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427495"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          }
        ]
      },
      "id": "VAR-202208-0784",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427495"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:52:47.480000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204368"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37004"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37004/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427495"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427495",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37004",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427495",
            "ident": null
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2398",
            "ident": null
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014552",
            "ident": null
          },
          {
            "date": "2022-08-10T20:16:04.263000",
            "db": "NVD",
            "id": "CVE-2022-37004",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427495",
            "ident": null
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2398",
            "ident": null
          },
          {
            "date": "2023-09-20T08:29:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014552",
            "ident": null
          },
          {
            "date": "2026-03-06T18:16:15.220000",
            "db": "NVD",
            "id": "CVE-2022-37004",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014552"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2398"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0507

    Vulnerability from variot - Updated: 2026-03-07 23:49

    The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an inadequate validation of data reliability vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS 2.0

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          }
        ]
      },
      "cve": "CVE-2022-37008",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37008",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-37008",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37008",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37008",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37008",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2400",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an inadequate validation of data reliability vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427493"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37008",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427493",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427493"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          }
        ]
      },
      "id": "VAR-202208-0507",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427493"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:49:28.589000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI HarmonyOS Repair measures for data forgery problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204370"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-345",
            "trust": 1.1
          },
          {
            "problemtype": "Inadequate verification of data reliability (CWE-345) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427493"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37008"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37008/"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427493"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427493",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37008",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427493",
            "ident": null
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2400",
            "ident": null
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014548",
            "ident": null
          },
          {
            "date": "2022-08-10T20:16:04.967000",
            "db": "NVD",
            "id": "CVE-2022-37008",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427493",
            "ident": null
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2400",
            "ident": null
          },
          {
            "date": "2023-09-20T08:28:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014548",
            "ident": null
          },
          {
            "date": "2026-03-06T18:16:15.810000",
            "db": "NVD",
            "id": "CVE-2022-37008",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Insufficient Validation of Data Trust in Products Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014548"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "data forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2400"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0488

    Vulnerability from variot - Updated: 2026-03-07 23:39

    The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in a vulnerability in inserting or modifying arguments.Information may be obtained. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          }
        ]
      },
      "cve": "CVE-2022-37005",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37005",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-37005",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37005",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37005",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37005",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2396",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in a vulnerability in inserting or modifying arguments.Information may be obtained. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427497"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37005"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37005",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427497",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37005",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427497"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37005"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          }
        ]
      },
      "id": "VAR-202208-0488",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427497"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:39:48.722000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI HarmonyOS Repair measures for parameter injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204366"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-88",
            "trust": 1.1
          },
          {
            "problemtype": "Insert or change arguments (CWE-88) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427497"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37005"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37005/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427497"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37005"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427497",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37005",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37005",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427497",
            "ident": null
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37005",
            "ident": null
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2396",
            "ident": null
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014551",
            "ident": null
          },
          {
            "date": "2022-08-10T20:16:04.443000",
            "db": "NVD",
            "id": "CVE-2022-37005",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427497",
            "ident": null
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37005",
            "ident": null
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2396",
            "ident": null
          },
          {
            "date": "2023-09-20T08:29:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014551",
            "ident": null
          },
          {
            "date": "2026-03-06T18:16:15.530000",
            "db": "NVD",
            "id": "CVE-2022-37005",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Argument insertion or modification vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014551"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "parameter injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2396"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0888

    Vulnerability from variot - Updated: 2026-03-07 23:34

    Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI EMUI is a mobile operating system developed based on Android

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          }
        ]
      },
      "cve": "CVE-2021-40040",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40040",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-40040",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40040",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2021-40040",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40040",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2783",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI EMUI is a mobile operating system developed based on Android",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401441"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40040",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-81251",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-401441",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401441"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          }
        ]
      },
      "id": "VAR-202208-0888",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401441"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:34:25.080000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI EMUI  and Magic UI Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204272"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40040"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-40040/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401441"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401441",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40040",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401441",
            "ident": null
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2783",
            "ident": null
          },
          {
            "date": "2023-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-020146",
            "ident": null
          },
          {
            "date": "2022-08-10T20:15:22.443000",
            "db": "NVD",
            "id": "CVE-2021-40040",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-10-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401441",
            "ident": null
          },
          {
            "date": "2022-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2783",
            "ident": null
          },
          {
            "date": "2023-09-19T08:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-020146",
            "ident": null
          },
          {
            "date": "2026-03-06T18:16:09.910000",
            "db": "NVD",
            "id": "CVE-2021-40040",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020146"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2783"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0445

    Vulnerability from variot - Updated: 2026-03-07 23:29

    The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS, which is caused by a flaw introduced in the design process

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "_id": null,
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          }
        ]
      },
      "cve": "CVE-2021-40030",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40030",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-40030",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40030",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2021-40030",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40030",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2395",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS, which is caused by a flaw introduced in the design process",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401431"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40030",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-401431",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          }
        ]
      },
      "id": "VAR-202208-0445",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401431"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-03-07T23:29:40.981000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204203"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40030"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-40030/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401431"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401431",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40030",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401431",
            "ident": null
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2395",
            "ident": null
          },
          {
            "date": "2023-09-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-020148",
            "ident": null
          },
          {
            "date": "2022-08-10T20:15:22.347000",
            "db": "NVD",
            "id": "CVE-2021-40030",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-08-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401431",
            "ident": null
          },
          {
            "date": "2022-08-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2395",
            "ident": null
          },
          {
            "date": "2023-09-19T08:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-020148",
            "ident": null
          },
          {
            "date": "2026-03-06T18:16:08.803000",
            "db": "NVD",
            "id": "CVE-2021-40030",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-020148"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2395"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0666

    Vulnerability from variot - Updated: 2025-11-18 15:38

    The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0666",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "cve": "CVE-2022-37002",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37002",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "NONE",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2022-37002",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-37002",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37002",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37002",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37002",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2399",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37002"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37002",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427494",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37002",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37002"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "id": "VAR-202208-0666",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-11-18T15:38:10.292000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204369"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-269",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-863",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37002"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37002/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37002"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37002"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37002"
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "date": "2022-08-10T20:16:03.777000",
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427494"
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37002"
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          },
          {
            "date": "2023-09-20T08:29:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          },
          {
            "date": "2025-10-20T18:15:37.427000",
            "db": "NVD",
            "id": "CVE-2022-37002"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014554"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2399"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0811

    Vulnerability from variot - Updated: 2025-09-09 23:11

    The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files. Huawei of EMUI , HarmonyOS , Magic UI There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0811",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "cve": "CVE-2022-37003",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-37003",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-37003",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-37003",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-37003",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-37003",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-37003",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2397",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files. Huawei of EMUI , HarmonyOS , Magic UI There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37003"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-37003",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-427496",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37003",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37003"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "id": "VAR-202208-0811",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-09-09T23:11:22.753000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204367"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-276",
            "trust": 1.1
          },
          {
            "problemtype": "Inappropriate default permissions (CWE-276) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/8/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202208-0000001363876177"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37003"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202208-0000001310476756"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-37003/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37003"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-37003"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37003"
          },
          {
            "date": "2022-08-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "date": "2023-09-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "date": "2022-08-10T20:16:04.073000",
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-427496"
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-37003"
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          },
          {
            "date": "2023-09-20T08:29:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          },
          {
            "date": "2025-09-08T19:15:33.170000",
            "db": "NVD",
            "id": "CVE-2022-37003"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Inappropriate Default Permission Vulnerability in Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-014553"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2397"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202209-0367

    Vulnerability from variot - Updated: 2025-06-04 23:06

    The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure. Huawei of EMUI , HarmonyOS , Magic UI Exists in a past traversal vulnerability.Information may be obtained

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202209-0367",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "cve": "CVE-2022-39001",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-39001",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-39001",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-39001",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2022-39001",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-39001",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202209-161",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure. Huawei of EMUI , HarmonyOS , Magic UI Exists in a past traversal vulnerability.Information may be obtained",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-39001"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-39001",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-434772",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-39001",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-39001"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "id": "VAR-202209-0367",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-06-04T23:06:34.887000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei HarmonyOS Repair measures for path traversal vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=208615"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.1
          },
          {
            "problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/9/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202209-0000001392278845"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-39001"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-39001/"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202209-0000001392078921"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-39001"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-39001"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "date": "2022-09-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-39001"
          },
          {
            "date": "2023-10-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "date": "2022-09-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "date": "2022-09-16T18:15:17.937000",
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-434772"
          },
          {
            "date": "2022-09-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-39001"
          },
          {
            "date": "2023-10-13T08:43:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          },
          {
            "date": "2022-09-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          },
          {
            "date": "2025-06-03T18:15:22.960000",
            "db": "NVD",
            "id": "CVE-2022-39001"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Past traversal vulnerabilities in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017593"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202209-161"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202111-1764

    Vulnerability from variot - Updated: 2025-05-23 23:26

    There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. plural Huawei A vulnerability related to improper default permissions exists in smartphone products.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a sensitive information disclosure vulnerability in the Huawei HarmonyOS SIM dual card management component. An attacker could exploit this vulnerability to compromise confidentiality

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1764",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "harmonyos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "cve": "CVE-2021-39967",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-39967",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-401368",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-39967",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-39967",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-39967",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2021-39967",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-39967",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202111-2136",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401368",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. plural Huawei A vulnerability related to improper default permissions exists in smartphone products.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a sensitive information disclosure vulnerability in the Huawei HarmonyOS SIM dual card management component. An attacker could exploit this vulnerability to compromise confidentiality",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-39967"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-39967",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-14782",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-401368",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-39967",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-39967"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "id": "VAR-202111-1764",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-05-23T23:26:16.202000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "security-bulletins-202111-0000001217889667 Huawei\u00a0Support\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "title": "Huawei HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176797"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-276",
            "trust": 1.1
          },
          {
            "problemtype": "Inappropriate default permissions (CWE-276) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
          },
          {
            "trust": 1.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39967"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-39967"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-39967"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "date": "2022-01-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-39967"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "date": "2022-01-03T22:15:10",
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401368"
          },
          {
            "date": "2022-01-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-39967"
          },
          {
            "date": "2023-01-27T07:25:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          },
          {
            "date": "2022-01-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          },
          {
            "date": "2025-05-22T19:15:25.590000",
            "db": "NVD",
            "id": "CVE-2021-39967"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Improper Default Permission Vulnerability in Smartphone Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017614"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2136"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202111-1767

    Vulnerability from variot - Updated: 2025-05-23 23:15

    There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. HarmonyOS Exists in a vulnerability related to the leakage of resources to the wrong area.Information may be obtained

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202111-1767",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "harmonyos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "cve": "CVE-2021-37133",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-37133",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-398969",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-37133",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-37133",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-37133",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2021-37133",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-37133",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202111-2133",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-398969",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. HarmonyOS Exists in a vulnerability related to the leakage of resources to the wrong area.Information may be obtained",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-37133"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-37133",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-398969",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-37133",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-37133"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "id": "VAR-202111-1767",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2025-05-23T23:15:57.508000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "security-bulletins-202111-0000001217889667 Huawei\u00a0Support\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "title": "Huawei HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176794"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Leakage of resources to the wrong area (CWE-668) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-668",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2021/11/"
          },
          {
            "trust": 1.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-37133"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202111-0000001217889667"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-37133"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-37133"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "date": "2022-01-03T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-37133"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "date": "2021-11-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "date": "2022-01-03T22:15:09.800000",
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-398969"
          },
          {
            "date": "2022-01-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-37133"
          },
          {
            "date": "2023-01-27T05:09:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          },
          {
            "date": "2022-01-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          },
          {
            "date": "2025-05-22T19:15:25.107000",
            "db": "NVD",
            "id": "CVE-2021-37133"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "HarmonyOS\u00a0 Vulnerability in leaking resources to the wrong area in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-017589"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202111-2133"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202201-1040

    Vulnerability from variot - Updated: 2024-11-23 23:10

    There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. Huawei HarmonyOS , EMUI , Magic UI Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202201-1040",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "cve": "CVE-2021-40035",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-40035",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-401436",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40035",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-40035",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40035",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40035",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202201-280",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401436",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a Buffer overflow vulnerability due to a boundary error with the Samba server in the file management module in smartphones. Successful exploitation of this vulnerability may affect function stability. Huawei HarmonyOS , EMUI , Magic UI Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40035",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-13181",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-401436",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "id": "VAR-202201-1040",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:10:58.843000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "security-bulletins-202201-0000001238736331 Huawei\u00a0Support\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
          },
          {
            "title": "Huawei HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=177446"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.1
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/1/"
          },
          {
            "trust": 1.7,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202201-0000001238736331"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40035"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202201-0000001238736331"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "date": "2023-01-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "date": "2022-01-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "date": "2022-01-10T14:10:22.360000",
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401436"
          },
          {
            "date": "2023-01-27T02:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          },
          {
            "date": "2022-01-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          },
          {
            "date": "2024-11-21T06:23:25.877000",
            "db": "NVD",
            "id": "CVE-2021-40035"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Classic buffer overflow vulnerability in the product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-002908"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202201-280"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0262

    Vulnerability from variot - Updated: 2024-11-23 23:10

    AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0262",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "cve": "CVE-2022-31759",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-31759",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "VHN-423592",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2022-31759",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-31759",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-31759",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-31759",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-474",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-423592",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI Exists in an uninitialized pointer access vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31759"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-31759",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-66178",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-423592",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31759",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31759"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "id": "VAR-202206-0262",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:10:49.073000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI HarmonyOS Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=196701"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-824",
            "trust": 1.1
          },
          {
            "problemtype": "Accessing uninitialized pointers (CWE-824) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31759"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202206-0000001270510450"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-31759/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31759"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31759"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31759"
          },
          {
            "date": "2023-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "date": "2022-06-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "date": "2022-06-13T15:15:10.337000",
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423592"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31759"
          },
          {
            "date": "2023-08-21T08:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          },
          {
            "date": "2022-06-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          },
          {
            "date": "2024-11-21T07:05:15.037000",
            "db": "NVD",
            "id": "CVE-2022-31759"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product Uninitialized Pointer Access Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011279"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-474"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-1920

    Vulnerability from variot - Updated: 2024-11-23 23:07

    A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios. Huawei Smartphones contain a vulnerability regarding the lack of resource release after a valid lifetime.Denial of service (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China's Huawei (Huawei)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1920",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "cve": "CVE-2020-9146",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2020-9146",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "VHN-187271",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9146",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2020-9146",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9146",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9146",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-027",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187271",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9146",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios. Huawei Smartphones contain a vulnerability regarding the lack of resource release after a valid lifetime.Denial of service (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China\u0027s Huawei (Huawei)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9146",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-187271",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "id": "VAR-202104-1920",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:07:36.768000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei\u00a0EMUI/Magic\u00a0UI\u00a0 Security update \u00a02021 Year 1 Moon",
            "trust": 0.8,
            "url": "https://consumer.huawei.com/jp/support/bulletin/2021/1/"
          },
          {
            "title": "Huawei Emui Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146445"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-772",
            "trust": 1.1
          },
          {
            "problemtype": "Lack of resource release after valid lifetime (CWE-772) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9146"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/772.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "date": "2021-04-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "date": "2021-12-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "date": "2021-04-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "date": "2021-04-01T18:15:12.293000",
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-12-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187271"
          },
          {
            "date": "2021-04-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9146"
          },
          {
            "date": "2021-12-07T01:44:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          },
          {
            "date": "2021-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          },
          {
            "date": "2024-11-21T05:40:08.003000",
            "db": "NVD",
            "id": "CVE-2020-9146"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 Vulnerability regarding lack of release of resources after valid lifetime on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016448"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-027"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202205-1066

    Vulnerability from variot - Updated: 2024-11-23 23:07

    Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Information may be tampered with. HUAWEI EMUI is a mobile operating system developed based on Android. There is a security vulnerability in HUAWEI EMUI/Magic UI, which is caused by a third-party pop-up overlay vulnerability in the iConnect module

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1066",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "cve": "CVE-2021-46788",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-46788",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-419300",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-46788",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-46788",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-46788",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-46788",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202205-3331",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-419300",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-46788",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Information may be tampered with. HUAWEI EMUI is a mobile operating system developed based on Android. There is a security vulnerability in HUAWEI EMUI/Magic UI, which is caused by a third-party pop-up overlay vulnerability in the iConnect module",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-46788",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-43213",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-419300",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "id": "VAR-202205-1066",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:07:21.266000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI EMUI/Magic UI Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193837"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46788"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-46788/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-05-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "date": "2022-05-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "date": "2023-08-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "date": "2022-05-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "date": "2022-05-13T15:15:08.570000",
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-05-23T00:00:00",
            "db": "VULHUB",
            "id": "VHN-419300"
          },
          {
            "date": "2022-05-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46788"
          },
          {
            "date": "2023-08-07T08:15:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          },
          {
            "date": "2022-05-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          },
          {
            "date": "2024-11-21T06:34:43.383000",
            "db": "NVD",
            "id": "CVE-2021-46788"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 of \u00a0EMUI\u00a0 and \u00a0Magic\u00a0UI\u00a0 Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009692"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3331"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202101-1003

    Vulnerability from variot - Updated: 2024-11-23 23:04

    There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure. plural Huawei Smartphones are vulnerable to lack of authentication for critical features.Information may be obtained. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company. Huawei smartphones have security vulnerabilities that attackers can exploit to obtain low-sensitive information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202101-1003",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "cve": "CVE-2020-9143",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-9143",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-187268",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9143",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2020-9143",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9143",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9143",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202101-1097",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187268",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure. plural Huawei Smartphones are vulnerable to lack of authentication for critical features.Information may be obtained. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company. Huawei smartphones have security vulnerabilities that attackers can exploit to obtain low-sensitive information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9143",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-187268",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "id": "VAR-202101-1003",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:04:07.347000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei\u00a0EMUI/Magic\u00a0UI\u00a0security\u00a0updates\u00a0Dec-20",
            "trust": 0.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "title": "Repair measures for security vulnerabilities in Huawei smartphones",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139457"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-306",
            "trust": 1.1
          },
          {
            "problemtype": "Lack of authentication for important features (CWE-306) [NVD Evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-287",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9143"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "date": "2021-09-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "date": "2021-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "date": "2021-01-13T22:15:14.177000",
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-07-21T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187268"
          },
          {
            "date": "2021-09-21T09:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          },
          {
            "date": "2021-01-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          },
          {
            "date": "2024-11-21T05:40:07.553000",
            "db": "NVD",
            "id": "CVE-2020-9143"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Vulnerability regarding lack of authentication for important functions in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015409"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1097"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-1399

    Vulnerability from variot - Updated: 2024-11-23 23:03

    There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability. EMUI , HarmonyOS , Magic UI There is a race condition vulnerability in.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-1399",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "cve": "CVE-2021-40015",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2021-40015",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.8,
                "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 1.9,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.4,
                "id": "VHN-401416",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.0,
                "id": "CVE-2021-40015",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 4.7,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-40015",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40015",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40015",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-443",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401416",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability. EMUI , HarmonyOS , Magic UI There is a race condition vulnerability in.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40015",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-401416",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "id": "VAR-202202-1399",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:03:55.728000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "security-bulletins-202202-0000001204253396 Huawei\u00a0Support\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
          },
          {
            "title": "Huawei HarmonyOS Repair measures for the competition condition problem loophole",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=182402"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.1
          },
          {
            "problemtype": "Race condition (CWE-362) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
          },
          {
            "trust": 1.7,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40015"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-wearables-202202-0000001203413350"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "date": "2023-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "date": "2022-02-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "date": "2022-02-09T23:15:16.313000",
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401416"
          },
          {
            "date": "2023-05-30T04:58:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          },
          {
            "date": "2024-11-21T06:23:23.190000",
            "db": "NVD",
            "id": "CVE-2021-40015"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product race condition vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005385"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competition condition problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-443"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202203-0881

    Vulnerability from variot - Updated: 2024-11-23 23:03

    There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI , HarmonyOS , Magic UI Contains a vulnerability regarding the lack of free memory after expiration.Information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202203-0881",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "cve": "CVE-2021-40047",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-40047",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-401448",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40047",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-40047",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40047",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40047",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202203-1002",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401448",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI , HarmonyOS , Magic UI Contains a vulnerability regarding the lack of free memory after expiration.Information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40047",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-401448",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "id": "VAR-202203-0881",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:03:54.892000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI EMUI Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185903"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-401",
            "trust": 1.1
          },
          {
            "problemtype": "Lack of memory release after expiration (CWE-401) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
          },
          {
            "trust": 2.5,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40047"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202203-0000001212585336"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-40047/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "date": "2023-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "date": "2022-03-10T17:43:16.463000",
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401448"
          },
          {
            "date": "2023-07-05T08:12:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          },
          {
            "date": "2022-03-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          },
          {
            "date": "2024-11-21T06:23:27.677000",
            "db": "NVD",
            "id": "CVE-2021-40047"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Vulnerability related to lack of freeing memory after expiration in product",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018717"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-1002"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202204-0754

    Vulnerability from variot - Updated: 2024-11-23 23:03

    The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. An attacker could exploit this vulnerability to cause unauthorized access

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202204-0754",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "cve": "CVE-2022-22256",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2022-22256",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-409785",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-22256",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-22256",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-22256",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-22256",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202204-2017",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-409785",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-22256",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles. An attacker could exploit this vulnerability to cause unauthorized access",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-22256",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-44625",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-409785",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "id": "VAR-202204-0754",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:03:53.452000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=190069"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22256"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-22256/"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202204-0000001266901897"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-04-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "date": "2022-04-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "date": "2023-07-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "date": "2022-04-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "date": "2022-04-11T20:15:19.657000",
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-04-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409785"
          },
          {
            "date": "2022-04-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-22256"
          },
          {
            "date": "2023-07-24T08:23:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          },
          {
            "date": "2022-04-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          },
          {
            "date": "2024-11-21T06:46:30.127000",
            "db": "NVD",
            "id": "CVE-2022-22256"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-008143"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2017"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0376

    Vulnerability from variot - Updated: 2024-11-23 23:03

    The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI contains an improper permissions retention vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0376",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "cve": "CVE-2022-31755",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-31755",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "VHN-423588",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 1.8,
                "id": "CVE-2022-31755",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-31755",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-31755",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-31755",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-475",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-423588",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-31755",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI contains an improper permissions retention vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-31755",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-66179",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-423588",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "id": "VAR-202206-0376",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:03:47.175000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195990"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2022-31755 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-281",
            "trust": 1.1
          },
          {
            "problemtype": "Improper retention of permissions (CWE-281) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/7/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31755"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202206-0000001270510450"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-31755/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/281.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2022-31755"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "date": "2023-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "date": "2022-06-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "date": "2022-06-13T15:15:10.100000",
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-10-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423588"
          },
          {
            "date": "2022-10-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31755"
          },
          {
            "date": "2023-08-21T08:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          },
          {
            "date": "2022-07-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          },
          {
            "date": "2024-11-21T07:05:14.440000",
            "db": "NVD",
            "id": "CVE-2022-31755"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product Improper Retention of Permissions Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011281"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-475"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0615

    Vulnerability from variot - Updated: 2024-11-23 23:00

    There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. EMUI , HarmonyOS , Magic UI Exists in a digital signature verification vulnerability.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0615",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "harmonyos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "cve": "CVE-2021-40045",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40045",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-401446",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2021-40045",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-40045",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40045",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40045",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-442",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401446",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-40045",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. EMUI , HarmonyOS , Magic UI Exists in a digital signature verification vulnerability.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40045",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-401446",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "id": "VAR-202202-0615",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:00:58.223000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "security-bulletins-202202-0000001204253396 Huawei\u00a0Support\u00a0Bulletin",
            "trust": 0.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
          },
          {
            "title": "Huawei HarmonyOS Repair measures for data forgery problem vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=182401"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-347",
            "trust": 1.1
          },
          {
            "problemtype": "Improper verification of digital signatures (CWE-347) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/2/"
          },
          {
            "trust": 1.8,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40045"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-wearables-202202-0000001203413350"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/347.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "date": "2022-02-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "date": "2023-05-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "date": "2022-02-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "date": "2022-02-09T23:15:16.397000",
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-16T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401446"
          },
          {
            "date": "2022-02-16T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-40045"
          },
          {
            "date": "2023-05-30T04:45:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          },
          {
            "date": "2024-11-21T06:23:27.370000",
            "db": "NVD",
            "id": "CVE-2021-40045"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Digital Signature Verification Vulnerability in Products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-005383"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "data forgery",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-442"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202203-0263

    Vulnerability from variot - Updated: 2024-11-23 23:00

    There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI and Magic UI Exists in an integer underflow vulnerability.Information may be tampered with

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202203-0263",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "cve": "CVE-2021-40054",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-40054",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-401455",
                "impactScore": 6.9,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:C/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-40054",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-40054",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-40054",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-40054",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202203-981",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-401455",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. Huawei of EMUI and Magic UI Exists in an integer underflow vulnerability.Information may be tampered with",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-40054",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-401455",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "id": "VAR-202203-0263",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:00:53.596000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI EMUI Fixes for digital error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=186010"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-191",
            "trust": 1.1
          },
          {
            "problemtype": "Integer underflow (CWE-191) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/3/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40054"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-40054/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "date": "2023-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "date": "2022-03-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "date": "2022-03-10T17:43:20.147000",
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-03-14T00:00:00",
            "db": "VULHUB",
            "id": "VHN-401455"
          },
          {
            "date": "2023-07-05T08:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          },
          {
            "date": "2022-03-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          },
          {
            "date": "2024-11-21T06:23:28.723000",
            "db": "NVD",
            "id": "CVE-2021-40054"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 of \u00a0EMUI\u00a0 and \u00a0Magic\u00a0UI\u00a0 Integer Underflow Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-018710"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202203-981"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202204-0532

    Vulnerability from variot - Updated: 2024-11-23 23:00

    The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. Huawei of EMUI , HarmonyOS , Magic UI contains a vulnerability related to insufficient data integrity verification.Information may be tampered with. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202204-0532",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "cve": "CVE-2022-22253",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2022-22253",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-409782",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-22253",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-22253",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-22253",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-22253",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202204-2020",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-409782",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-22253",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. Huawei of EMUI , HarmonyOS , Magic UI contains a vulnerability related to insufficient data integrity verification.Information may be tampered with. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-22253",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020",
            "trust": 0.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-44623",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-409782",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "id": "VAR-202204-0532",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:00:52.364000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=189779"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-354",
            "trust": 1.1
          },
          {
            "problemtype": "Incomplete data integrity verification (CWE-354) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/4/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202204-0000001224076294"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22253"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202204-0000001266901897"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-22253/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/354.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-04-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "date": "2022-04-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "date": "2023-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "date": "2022-04-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "date": "2022-04-11T20:15:19.523000",
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-409782"
          },
          {
            "date": "2022-04-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-22253"
          },
          {
            "date": "2023-07-21T08:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          },
          {
            "date": "2022-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          },
          {
            "date": "2024-11-21T06:46:29.797000",
            "db": "NVD",
            "id": "CVE-2022-22253"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Vulnerability related to insufficient data integrity verification in products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-007945"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202204-2020"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0259

    Vulnerability from variot - Updated: 2024-11-23 23:00

    The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI contains an out-of-bounds read vulnerability and an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0259",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "cve": "CVE-2021-46814",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-46814",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-423547",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-46814",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-46814",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-46814",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-46814",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-481",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-423547",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-46814",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. Huawei of EMUI , HarmonyOS , Magic UI contains an out-of-bounds read vulnerability and an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-46814",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-51604",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-423547",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "id": "VAR-202206-0259",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T23:00:49.233000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-125",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46814"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202206-0000001270510450"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-46814/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "date": "2023-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "date": "2022-06-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "date": "2022-06-13T15:15:09.893000",
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423547"
          },
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46814"
          },
          {
            "date": "2023-08-21T08:21:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          },
          {
            "date": "2022-06-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          },
          {
            "date": "2024-11-21T06:34:45.203000",
            "db": "NVD",
            "id": "CVE-2021-46814"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product out-of-bounds read vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011372"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-481"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202101-0999

    Vulnerability from variot - Updated: 2024-11-23 22:58

    There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company. The following products and models are affected: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0999",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "cve": "CVE-2020-9139",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-9139",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-187264",
                "impactScore": 4.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9139",
                "impactScore": 5.2,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9139",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9139",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9139",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202101-1041",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187264",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company. The following products and models are affected: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9139",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-187264",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "id": "VAR-202101-0999",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:58:01.241000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei\u00a0EMUI/Magic\u00a0UI\u00a0security\u00a0updates\u00a0Dec-20",
            "trust": 0.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "title": "Huawei Emui  and  Honor Magic Ui Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139431"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.1
          },
          {
            "problemtype": "Incorrect input confirmation (CWE-20) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9139"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "date": "2021-09-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "date": "2021-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "date": "2021-01-13T22:15:13.943000",
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187264"
          },
          {
            "date": "2021-09-21T09:03:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          },
          {
            "date": "2021-01-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          },
          {
            "date": "2024-11-21T05:40:07",
            "db": "NVD",
            "id": "CVE-2020-9139"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Vulnerability related to input confirmation on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015405"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1041"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202205-1188

    Vulnerability from variot - Updated: 2024-11-23 22:57

    Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1188",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "cve": "CVE-2021-46789",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-46789",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-419301",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-46789",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-46789",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-46789",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-46789",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202205-3330",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-419301",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46789"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-46789",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-43212",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-419301",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46789",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46789"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "id": "VAR-202205-1188",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:57:43.639000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI EMUI Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193836"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/5/"
          },
          {
            "trust": 2.5,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-46789"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2021-46789/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46789"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-46789"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-05-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "date": "2022-05-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46789"
          },
          {
            "date": "2023-08-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "date": "2022-05-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "date": "2022-05-13T15:15:08.617000",
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-02-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-419301"
          },
          {
            "date": "2022-05-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-46789"
          },
          {
            "date": "2023-08-07T08:15:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          },
          {
            "date": "2022-06-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          },
          {
            "date": "2024-11-21T06:34:43.503000",
            "db": "NVD",
            "id": "CVE-2021-46789"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 of \u00a0EMUI\u00a0 and \u00a0Magic\u00a0UI\u00a0 Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-009691"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202205-3330"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0119

    Vulnerability from variot - Updated: 2024-11-23 22:57

    The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI HarmonyOS is an operating system of China's Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0119",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "harmonyos",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "harmonyos",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "cve": "CVE-2022-31756",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-31756",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-423589",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2022-31756",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-31756",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-31756",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-31756",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-476",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-423589",
                "trust": 0.1,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-31756",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. Huawei of EMUI , HarmonyOS , Magic UI Exists in unspecified vulnerabilities.Information may be obtained. HUAWEI HarmonyOS is an operating system of China\u0027s Huawei (HUAWEI). Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in HUAWEI HarmonyOS 2.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-31756",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-66180",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-423589",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "id": "VAR-202206-0119",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:57:39.487000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI HarmonyOS Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195991"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 2.6,
            "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31756"
          },
          {
            "trust": 0.6,
            "url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202206-0000001270510450"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-31756/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "date": "2023-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "date": "2022-06-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "date": "2022-06-13T15:15:10.150000",
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423589"
          },
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31756"
          },
          {
            "date": "2023-08-21T08:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          },
          {
            "date": "2022-06-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          },
          {
            "date": "2024-11-21T07:05:14.587000",
            "db": "NVD",
            "id": "CVE-2022-31756"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Product vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011280"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-476"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202206-0936

    Vulnerability from variot - Updated: 2024-11-23 22:57

    Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android. The following products and versions are affected: EMUI 12.0.0, EMUI 10.1.0, Magic UI 3.1.0

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202206-0936",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "12.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "cve": "CVE-2022-31754",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2022-31754",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-423587",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-31754",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2022-31754",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-31754",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-31754",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202206-1175",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-423587",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-31754",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. Huawei of EMUI and Magic UI Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state. HUAWEI EMUI is a mobile operating system developed by China Huawei (HUAWEI) based on Android. The following products and versions are affected: EMUI 12.0.0, EMUI 10.1.0, Magic UI 3.1.0",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-31754",
            "trust": 3.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175",
            "trust": 0.7
          },
          {
            "db": "CNVD",
            "id": "CNVD-2022-51602",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-423587",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "id": "VAR-202206-0936",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:57:38.889000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HUAWEI EMUI Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=196788"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.6,
            "url": "https://consumer.huawei.com/en/support/bulletin/2022/6/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31754"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-31754/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "date": "2023-08-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "date": "2022-06-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "date": "2022-06-13T16:15:08.670000",
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-423587"
          },
          {
            "date": "2022-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-31754"
          },
          {
            "date": "2023-08-21T08:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          },
          {
            "date": "2022-06-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          },
          {
            "date": "2024-11-21T07:05:14.277000",
            "db": "NVD",
            "id": "CVE-2022-31754"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 of \u00a0EMUI\u00a0 and \u00a0Magic\u00a0UI\u00a0 Vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-011282"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202206-1175"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202101-0998

    Vulnerability from variot - Updated: 2024-11-23 22:54

    There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating. plural Huawei Smartphones contain a vulnerability related to out-of-bounds writing.Denial of service (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0998",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "2.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "9.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "cve": "CVE-2020-9138",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-9138",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-187263",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-9138",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "Low",
                "baseScore": 5.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2020-9138",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9138",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9138",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202101-1043",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187263",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating. plural Huawei Smartphones contain a vulnerability related to out-of-bounds writing.Denial of service (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by Huawei in China. Honor Magic Ui is an Android-based mobile operating system developed by China Honor Company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9138",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-187263",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "id": "VAR-202101-0998",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:54:56.183000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei\u00a0EMUI/Magic\u00a0UI\u00a0security\u00a0updates\u00a0Dec-20",
            "trust": 0.8,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "title": "Repair measures for Huawei smartphone buffer error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139432"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.1
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD Evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://consumer.huawei.com/en/support/bulletin/2020/12/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9138"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "date": "2021-09-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "date": "2021-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "date": "2021-01-13T22:15:13.880000",
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187263"
          },
          {
            "date": "2021-09-22T09:11:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          },
          {
            "date": "2021-01-21T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          },
          {
            "date": "2024-11-21T05:40:06.840000",
            "db": "NVD",
            "id": "CVE-2020-9138"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Huawei\u00a0 Vulnerability regarding out-of-bounds writing on smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-015440"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202101-1043"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-1919

    Vulnerability from variot - Updated: 2024-11-23 22:54

    A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read. Huawei A classic buffer overflow vulnerability exists in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China's Huawei (Huawei)

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1919",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "11.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.1.1"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.0.0"
          },
          {
            "model": "emui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "10.1.1"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "4.0.0"
          },
          {
            "model": "magic ui",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "huawei",
            "version": "3.0.0"
          },
          {
            "model": "magic ui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "emui",
            "scope": null,
            "trust": 0.8,
            "vendor": "huawei",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "cve": "CVE-2020-9147",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.4,
                "id": "CVE-2020-9147",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.4,
                "id": "VHN-187272",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9147",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2020-9147",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9147",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2020-9147",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-026",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187272",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-9147",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read. Huawei A classic buffer overflow vulnerability exists in smartphones.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Huawei Emui is an Android-based mobile operating system developed by China\u0027s Huawei (Huawei)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147"
          }
        ],
        "trust": 1.8
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9147",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-187272",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "id": "VAR-202104-1919",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:54:47.574000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Huawei\u00a0EMUI/Magic\u00a0UI\u00a0 Security update \u00a02021 Year 1 Moon",
            "trust": 0.8,
            "url": "https://consumer.huawei.com/jp/support/bulletin/2021/1/"
          },
          {
            "title": "Huawei Emui Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146444"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-125",
            "trust": 1.1
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-120",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://consumer.huawei.com/cn/support/bulletin/2021/1"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9147"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/120.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-01T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "date": "2021-04-01T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "date": "2021-12-03T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "date": "2021-04-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "date": "2021-04-01T18:15:12.417000",
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-06-28T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187272"
          },
          {
            "date": "2021-04-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-9147"
          },
          {
            "date": "2021-12-03T09:05:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          },
          {
            "date": "2021-04-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          },
          {
            "date": "2024-11-21T05:40:08.193000",
            "db": "NVD",
            "id": "CVE-2020-9147"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Huawei\u00a0 Classic buffer overflow vulnerability in smartphones",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-016439"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-026"
          }
        ],
        "trust": 0.6
      }
    }