Lucene search

HuaweiCVE-2021-22416

HistoryAug 03, 2021 - 6:15 p.m.

CVE-2021-22416

2021-08-0318:15:07

huawei

web.nvd.nist.gov

cve-2021-22416

harmonyos

data processing errors

vulnerability

kernel code execution

local attackers

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.

Affected configurations

Nvd

Vulners

Node

huaweiharmonyosMatch2.0

VendorProductVersionCPE
huaweiharmonyos2.0cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	harmonyos	2.0	cpe:2.3:o:huawei:harmonyos:2.0:::::::*

CNA Affected

[
  {
    "product": "HarmonyOS",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "2.0"
      }
    ]
  }
]

References

device.harmonyos.com/cn/docs/security/update/oem_security_update_phone_202106-0000001165452077

Social References

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Related for CVE-2021-22416