CVE-2021-22403Huawei Emui vulnerability

3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.2%
top 56.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedOct 28
Latest updateMay 24

Description

There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

CVEListV5huawei/emui6 versions+5
NVDhuawei/emui6 versions+5
CVEListV5huawei/magic_ui5 versions+4
NVDhuawei/magic_ui5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-grxw-m549-ppgw: There is a vulnerability of hijacking unverified providers in Huawei Smartphone2022-05-24
CVEList
CVE-2021-22403: There is a vulnerability of hijacking unverified providers in Huawei Smartphone2021-10-28
CVE-2021-22403 — Huawei Emui vulnerability | cvebase