CVE-2021-39986 — Incorrect Authorization in Huawei Emui

CWE-863 — Incorrect Authorization2 documents2 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 92.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui

Timeline

PublishedFeb 9

Latest updateFeb 11

Description

There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDhuawei/emui12.0.0

🔴Vulnerability Details

GHSA

GHSA-q745-q679-hh85: There is an unauthorized rewriting vulnerability with the memory access management module on ACPU↗2022-02-11

▶