CVE-2021-22327

CWE-787Out-of-bounds Write3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 62.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei P30 Firmware
Timeline
PublishedApr 28
Latest updateMay 24

Description

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5huawei_p3010.0.0.186(C10E7R5P1),10.0.0.186(C461E4R3P1),10.0.0.188(C00E85R2P11),10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3),10.0.0.190(C185E4R7P1),10.0.0.190(C431E22R2P5),10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3),10.0.0.190(C636E4R3P4),10.0.0.192(C635E3R2P4)
NVDhuawei/p30_firmware11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-h5qw-wfpg-g2wr: There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing2022-05-24
CVEList
CVE-2021-22327: There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing2021-04-28
CVE-2021-22327 (MEDIUM CVSS 6.5) | There is an arbitrary memory write | cvebase.io