EUVD-2021-27235

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Vulnerability in signature verification during recovery mode upgrade may compromise service confidentiality

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2021-40045	10 Feb 202202:23	–	circl
CNNVD	Huawei HarmonyOS 数据伪造问题漏洞	5 Feb 202200:00	–	cnnvd
CNVD	Huawei HarmonyOS Data Forgery Issue Vulnerability	9 Feb 202200:00	–	cnvd
CVE	CVE-2021-40045	9 Feb 202222:03	–	cve
Cvelist	CVE-2021-40045	9 Feb 202222:03	–	cvelist
NVD	CVE-2021-40045	9 Feb 202223:15	–	nvd
Prion	Privilege escalation	9 Feb 202223:15	–	prion
RedhatCVE	CVE-2021-40045	22 May 202518:44	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "870bf20b-e8b8-33c6-b7d4-f2900acd54bd",
        "vendor": {
          "name": "Huawei"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "544242af-1149-3da0-881a-fe3b24d04a68",
        "product": {
          "name": "HarmonyOS"
        },
        "product_version": "4.0.0"
      },
      {
        "id": "a8080290-bdfa-3081-bd76-6ec329befc4d",
        "product": {
          "name": "Magic UI"
        },
        "product_version": "11.0.0"
      },
      {
        "id": "c79d4a35-d203-378c-9c27-8657f5fd3aa0",
        "product": {
          "name": "EMUI"
        },
        "product_version": "2.0"
      },
      {
        "id": "e173e561-61b8-36cd-a441-ddae5dffb6bb",
        "product": {
          "name": "Magic UI"
        },
        "product_version": "11.0.1"
      },
      {
        "id": "f92fa822-8c22-39fc-a503-45f8e180e09b",
        "product": {
          "name": "Magic UI"
        },
        "product_version": "12.0.0"
      }
    ]
  }
]

Source	Link
consumer	www.consumer.huawei.com/en/support/bulletin/2022/2/
device	www.device.harmonyos.com/en/docs/security/update/security-bulletins-202202-0000001204253396
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.5

CVSS 22.1

EPSS0.00012