CVE-2021-22392

EPSS 0.1%
Published 02.08.2021 17:15:14
Last modified 21.11.2024 05:50:02
Source psirt@huawei.com
Teams watchlist Login
Open Login

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Emui Version9.1.0

Huawei ≫ Emui Version9.1.1

Huawei ≫ Emui Version10.0.0

Huawei ≫ Emui Version10.1.0

Huawei ≫ Emui Version10.1.1

Huawei ≫ Emui Version11.0.0

Huawei ≫ Magic Ui Version2.1.1

Huawei ≫ Magic Ui Version3.0.0

Huawei ≫ Magic Ui Version3.1.0

Huawei ≫ Magic Ui Version3.1.1

Huawei ≫ Magic Ui Version4.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.25

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

https://consumer.huawei.com/en/support/bulletin/2021/6/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-22392

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-22392

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-22392

EUVD