Huawei Harmonyos vulnerabilities

CVE-2021-37040 [CRITICAL] CWE-88 CVE-2021-37040: There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vu There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

CVE-2021-37049 [CRITICAL] CWE-787 CVE-2021-37049: There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

CVE-2021-37045 [CRITICAL] CWE-416 CVE-2021-37045: There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

CVE-2021-37054 [HIGH] CWE-287 CVE-2021-37054: There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successfu There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37069 [HIGH] CWE-362 CVE-2021-37069: There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnera There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37053 [HIGH] CVE-2021-37053: There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerab There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37097 [HIGH] CWE-94 CVE-2021-37097: There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnera There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

CVE-2021-37075 [HIGH] CVE-2021-37075: There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected.

CVE-2021-37092 [HIGH] CWE-459 CVE-2021-37092: There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vul There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

CVE-2021-37074 [HIGH] CWE-362 CVE-2021-37074: There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnera There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation.

CVE-2021-37037 [HIGH] CVE-2021-37037: There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of thi There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

CVE-2021-37052 [HIGH] CWE-755 CVE-2021-37052: There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnera There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage.

CVE-2021-37044 [HIGH] CWE-281 CVE-2021-37044: There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vul There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37050 [HIGH] CWE-311 CVE-2021-37050: There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitat There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37039 [MEDIUM] CWE-20 CVE-2021-37039: There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vu There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

CVE-2021-37093 [MEDIUM] CVE-2021-37093: There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of thi There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.

CVE-2021-37020 [CRITICAL] CWE-787 CVE-2021-37020: There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.

CVE-2021-37064 [CRITICAL] CWE-22 CVE-2021-37064: There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smart There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created.

CVE-2021-37095 [CRITICAL] CWE-190 CVE-2021-37095: There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote denial of service and potential remote code execution.

CVE-2021-37079 [CRITICAL] CWE-94 CVE-2021-37079: There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of t There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission.