VARIoT IoT vulnerabilities database
| VAR-202106-0616 | CVE-2021-22354 | Huawei smartphone security breach |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company
| VAR-202106-0615 | CVE-2021-22353 | Huawei smartphone buffer error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones
| VAR-202106-0614 | CVE-2021-22352 | Huawei smartphone processing logic error vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0613 | CVE-2021-22351 | Huawei smartphone trust management issue vulnerability |
CVSS V2: 5.5 CVSS V3: 8.1 Severity: HIGH |
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0612 | CVE-2021-22350 | Huawei smartphone buffer error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the device to crash and restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0611 | CVE-2021-22349 | Huawei smartphone input verification error vulnerability |
CVSS V2: 7.8 CVSS V3: 7.5 Severity: HIGH |
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of insufficient input verification may cause the system to restart. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. An attacker could exploit this vulnerability to cause a system reboot. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0610 | CVE-2021-22348 | Huawei smartphone buffer error vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0609 | CVE-2021-22346 | Huawei smartphone security breach |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to the disclosure of user habits. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There are security vulnerabilities in several Huawei SmartPhone, which stems from the lack of effective permissions and access control measures in the products. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0608 | CVE-2021-22345 | Huawei smartphone input verification error vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
| VAR-202106-0602 | CVE-2021-22380 | Huawei HarmonyOS Security hole |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws
| VAR-202106-0599 | CVE-2021-22375 | Huawei smartphone security breach |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality,availability and integrity. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company
| VAR-202106-0598 | CVE-2021-22374 | Huawei smartphone input verification error vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones
| VAR-202106-0597 | CVE-2021-22373 | Huawei smartphone security breach |
CVSS V2: 6.4 CVSS V3: 9.1 Severity: CRITICAL |
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There is a security vulnerability in Huawei smartphones
| VAR-202106-0596 | CVE-2021-22372 | Huawei smartphone security breach |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company
| VAR-202106-0595 | CVE-2021-22371 | Huawei smartphone security breach |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws
| VAR-202106-0594 | CVE-2021-22370 | Huawei Smartphone Security hole |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company
| VAR-202106-0593 | CVE-2021-22369 | Huawei HarmonyOS Security hole |
CVSS V2: 9.3 CVSS V3: 8.1 Severity: HIGH |
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone. Successful exploitation of these vulnerabilities may escalate the permission to that of the root user. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. Huawei smartphones have security flaws
| VAR-202106-0592 | CVE-2021-22368 | Huawei smartphone security breach |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. There are security vulnerabilities in several Huawei SmartPhone, which stems from the lack of effective permissions and access control measures in the products. The following products and versions are affected: EMUI 10.1.1, Magic UI 3.1.1
| VAR-202106-0591 | CVE-2021-22367 | Huawei HarmonyOS Security hole |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
There is a Key Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may lead to authentication bypass. A Huawei phone is a Huawei smartphone from the Chinese Huawei (Huawei) company. The following products and versions are affected: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
| VAR-202106-0570 | CVE-2021-20107 | plural Sloan SmartFaucet Product authentication vulnerabilities |
CVSS V2: 4.8 CVSS V3: 5.4 Severity: MEDIUM |
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low Energy (BLE) connectivity to read and write to many BLE characteristics on the device. Some of these control the flow of water, the sensitivity of the sensors, and information about maintenance. plural Sloan SmartFaucet The product contains an authentication vulnerability.Information may be obtained and information may be tampered with