CVE-2021-37056

Published: Dec 7, 2021Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information.

Affected (7)

Products: Huawei: Emui, Magic Ui

Huawei

2 products

Emui

Magic Ui

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Huawei Emui	Version 10.0.0
Huawei Emui	Version 10.1.0
Huawei Emui	Version 9.1.0
Huawei Emui	Version 9.1.1
Huawei Magic Ui	Version 2.1.1
Huawei Magic Ui	Version 3.0.0
Huawei Magic Ui	Version 3.1.0

Related CWEs

CWE-281

Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

References (3)

https://consumer.huawei.com/en/support/bulletin/2021/9/

Source: psirt@huawei.com

Not ApplicableVendor Advisory

https://consumer.huawei.com/om/support/bulletin/2021/10/

Source: nvd@nist.gov

Vendor Advisory

https://consumer.huawei.com/en/support/bulletin/2021/9/

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableVendor Advisory

Timeline

No history available yet.