CVE-2021-22448Missing Authorization in Huawei Emui

CWE-862Missing Authorization3 documents3 sources
Severity
9.1CRITICALNVD
EPSS
0.1%
top 64.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedFeb 25
Latest updateFeb 26

Description

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

CVEListV5huawei/emui6 versions+5
NVDhuawei/emui6 versions+5
CVEListV5huawei/magic_ui5 versions+4
NVDhuawei/magic_ui5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-4677-mm85-px6j: There is an improper verification vulnerability in smartphones2022-02-26
CVEList
CVE-2021-22448: There is an improper verification vulnerability in smartphones2022-02-25
CVE-2021-22448 — Missing Authorization in Huawei Emui | cvebase