CVE-2021-22371Incorrect Default Permissions in Huawei Emui

CWE-276Incorrect Default Permissions3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 69.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedJun 30
Latest updateMay 24

Description

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/emui10.1.1, 11.0.0, 11.0.1+2
NVDhuawei/magic_ui3.1.1, 4.0.0+1

🔴Vulnerability Details

2
GHSA
GHSA-9vf9-hcg2-9f94: There is an Improper Permission Management Vulnerability in Huawei Smartphone2022-05-24
CVEList
CVE-2021-22371: There is an Improper Permission Management Vulnerability in Huawei Smartphone2021-06-30
CVE-2021-22371 — Incorrect Default Permissions | cvebase