exploitDog

CVE-2021-22330

Опубликовано: 28 апр. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 3.3

EPSS Низкий

Описание

There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.

Ссылки

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en
Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:p30_firmware:9.1.0.131\(c00e130r1p21\):*:*:*:*:*:*:*

cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00037

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-2p45-cjpq-qrf9

github

больше 3 лет назад

There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.

EPSS

Процентиль: 11%

0.00037

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-787