CVE-2021-22369

2021-06-3014:48:09

huawei

www.cve.org

toctou race condition

huawei

smartphone

vulnerability

root user escalation

AI Score

8.5

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.

CNA Affected

[
  {
    "product": "EMUI;Magic UI",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EMUI 11.0.0,EMUI 10.1.1"
      },
      {
        "status": "affected",
        "version": "Magic UI 4.0.0,Magic UI 3.1.1"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2021/5/