CVE-2021-37121Improper Privilege Management in Huawei Emui

CWE-269Improper Privilege Management3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.2%
top 53.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Magic UI
Timeline
PublishedJan 3
Latest updateJan 4

Description

There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/emui10.0.0, 10.1.0+1
NVDhuawei/magic_ui3.0.0, 3.1.0+1

🔴Vulnerability Details

2
GHSA
GHSA-m5rx-4969-hh6c: There is a Configuration defects in Smartphone2022-01-04
CVEList
CVE-2021-37121: There is a Configuration defects in Smartphone2022-01-03
CVE-2021-37121 — Improper Privilege Management | cvebase