VARIoT IoT vulnerabilities database
| VAR-202112-0355 | CVE-2021-37037 | plural Huawei Vulnerabilities in smartphone products |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart. plural Huawei Smartphone products have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state
| VAR-202112-0354 | CVE-2021-37039 | plural Huawei Input validation vulnerability in smartphone products |
CVSS V2: 3.3 CVSS V3: 6.5 Severity: MEDIUM |
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. No detailed vulnerability details were provided at this time
| VAR-202112-0353 | CVE-2021-37044 | plural Huawei Vulnerability related to improper retention of permissions in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. plural Huawei A vulnerability related to improper retention of permissions exists in smartphone products.Service operation interruption (DoS) It may be in a state
| VAR-202112-0352 | CVE-2021-37045 | plural Huawei Vulnerability related to use of freed memory in smartphone products |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed. plural Huawei A vulnerability related to use of freed memory exists in smartphone products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202112-0351 | CVE-2021-37049 | plural Huawei Out-of-bounds write vulnerability in smartphone products |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects. plural Huawei Smartphone products contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202112-0350 | CVE-2021-37050 | plural Huawei Vulnerability related to lack of encryption of important data in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality
| VAR-202112-0349 | CVE-2021-37051 | plural Huawei Out-of-bounds reading vulnerability in smartphone products |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access. plural Huawei Smartphone products contain an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202112-0348 | CVE-2021-37052 | plural Huawei Vulnerability related to exceptional state handling in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is an Exception log vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause address information leakage. plural Huawei A vulnerability related to exceptional state handling exists in smartphone products.Information may be obtained
| VAR-202112-0347 | CVE-2021-37053 | plural Huawei Vulnerabilities in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Service logic vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS. plural Huawei Smartphone products have unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state
| VAR-202112-0346 | CVE-2021-37054 | plural Huawei Authentication Vulnerability in Smartphone Products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. plural Huawei Smartphone products contain an authentication vulnerability.Information may be obtained
| VAR-202112-0345 | CVE-2021-37069 | plural Huawei Race Condition Vulnerability in Smartphone Products |
CVSS V2: 5.8 CVSS V3: 7.4 Severity: HIGH |
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. plural Huawei A race condition vulnerability exists in smartphone products.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202112-0344 | CVE-2021-37074 | plural Huawei Race Condition Vulnerability in Smartphone Products |
CVSS V2: 9.3 CVSS V3: 8.1 Severity: HIGH |
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user root privilege escalation. plural Huawei A race condition vulnerability exists in smartphone products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202112-0343 | CVE-2021-37092 | plural Huawei Incomplete Cleanup Vulnerability in Smartphone Products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected. plural Huawei An incomplete cleanup vulnerability exists in smartphone products.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. HUAWEI HarmonyOS has a resource management error vulnerability. This vulnerability is caused by a resource not closing or releasing vulnerability in a certain component of HarmonyOS. No detailed vulnerability details were provided at this time
| VAR-202112-0342 | CVE-2021-37093 | plural Huawei Vulnerabilities in smartphone products |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages. plural Huawei Smartphone products have unspecified vulnerabilities.Information may be obtained. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. The vulnerability is caused by a component of the product that does not effectively authenticate user identities. No detailed vulnerability details were provided at this time
| VAR-202112-0335 | CVE-2021-37020 | plural Huawei Input validation vulnerability in smartphone products |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. plural Huawei A vulnerability related to input validation exists in smartphone products.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202112-0334 | CVE-2021-37021 | plural Huawei Input validation vulnerability in smartphone products |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read. plural Huawei A vulnerability related to input validation exists in smartphone products.Information is obtained and service operation is interrupted (DoS) It may be in a state
| VAR-202112-0333 | CVE-2021-37043 | plural Huawei Authentication Vulnerability in Smartphone Products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources. plural Huawei Smartphone products contain an authentication vulnerability.Service operation interruption (DoS) It may be in a state
| VAR-202112-0327 | CVE-2021-37075 | plural Huawei Vulnerabilities in smartphone products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. plural Huawei Smartphone products have unspecified vulnerabilities.Information may be obtained
| VAR-202112-0285 | CVE-2021-37040 | plural Huawei Argument insertion or modification vulnerability in smartphone products |
CVSS V2: 6.8 CVSS V3: 9.8 Severity: CRITICAL |
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. plural Huawei Smartphone products contain an argument injection or modification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system. There is a security vulnerability in Huawei HarmonyOS. No detailed vulnerability details were provided at this time
| VAR-202112-0262 | CVE-2021-37085 | Huawei Race Condition Vulnerability in Smartphone Products |
CVSS V2: 7.1 CVSS V3: 5.9 Severity: MEDIUM |
There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. Huawei A race condition vulnerability exists in smartphone products.Service operation interruption (DoS) It may be in a state. Huawei HarmonyOS is an operating system of the Chinese company Huawei. Provide a microkernel-based full-scenario distributed operating system