CVE-2021-22316Missing Authentication for Critical Function in Huawei Emui

CWE-306Missing Authentication for Critical Function3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.0%
top 93.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedJun 3
Latest updateMay 24

Description

There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/emui10.1.1, 11.0.0, 11.0.1+2
NVDhuawei/magic_ui3.1.1, 4.0.0+1

🔴Vulnerability Details

2
GHSA
GHSA-45rv-q5wp-f6c4: There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone2022-05-24
CVEList
CVE-2021-22316: There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone2021-06-03
CVE-2021-22316 — Huawei Emui vulnerability | cvebase