CVE-2021-22306

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 93.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Mate 30 Firmware

Timeline

PublishedFeb 6

Latest updateMay 24

Description

There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5huawei_mate_3010.0.0.182(C00E180R6P2)

▶NVDhuawei/mate_30_firmware10.0.0.182\(c00e180r6p2\)

🔴Vulnerability Details

GHSA

GHSA-p9p8-p6wp-9g6c: There is an out-of-bound read vulnerability in Mate 30 10↗2022-05-24

▶

CVEList

CVE-2021-22306: There is an out-of-bound read vulnerability in Mate 30 10↗2021-02-06

▶