Vulnerabilities > Huawei > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-39996 Out-of-bounds Write vulnerability in Huawei Emui, Harmonyos and Magic UI
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2022-01-10 CVE-2021-40010 Out-of-bounds Write vulnerability in Huawei Emui, Harmonyos and Magic UI
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2022-01-03 CVE-2021-37116 Improper Input Validation vulnerability in Huawei Harmonyos
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.
network
low complexity
huawei CWE-20
critical
 9.1
9.1
2022-01-03 CVE-2021-37120 Double Free vulnerability in Huawei Emui and Magic UI
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.
network
low complexity
huawei CWE-415
critical
 9.8
9.8
2022-01-03 CVE-2021-37121 Unspecified vulnerability in Huawei Emui and Magic UI
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.
network
low complexity
huawei
critical
 9.8
9.8
2022-01-03 CVE-2021-37128 Path Traversal vulnerability in Huawei Harmonyos
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
network
low complexity
huawei CWE-22
critical
 9.8
9.8
2022-01-03 CVE-2021-39979 Code Injection vulnerability in Huawei Harmonyos
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
network
low complexity
huawei CWE-94
critical
 9.8
9.8
2022-01-03 CVE-2021-39982 Improper Privilege Management vulnerability in Huawei Harmonyos 2.0
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
network
low complexity
huawei CWE-269
critical
 9.1
9.1
2022-01-03 CVE-2021-39990 Out-of-bounds Write vulnerability in Huawei Harmonyos
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
network
low complexity
huawei CWE-787
critical
 9.8
9.8
2021-12-08 CVE-2021-37040 Argument Injection or Modification vulnerability in Huawei Emui, Harmonyos and Magic UI
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
network
low complexity
huawei CWE-88
critical
 9.8
9.8