Vulnerabilities > CVE-2021-37045 - Use After Free vulnerability in Huawei Emui, Harmonyos and Magic UI

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

huawei

CWE-416

critical

NVD

Published: 2021-12-08

Updated: 2022-07-12

Summary

There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Harmonyos - Huawei Emui 10.1.0 Huawei Magic UI 3.1.0	3

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202109-0000001196270727
https://consumer.huawei.com/en/support/bulletin/2021/9/