CVE-2021-37086Improper Preservation of Permissions in Huawei Harmonyos

CWE-281Improper Preservation of Permissions2 documents2 sources
Severity
8.6HIGHNVD
EPSS
0.1%
top 70.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedDec 7
Latest updateDec 8

Description

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers which can isolate and read synchronization files of other applications across the UID sandbox.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDhuawei/harmonyos< 2.0
CVEListV5huawei/harmonyos2.0

🔴Vulnerability Details

1
GHSA
GHSA-gxj5-6fw2-663j: There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone2021-12-08