Buffer overflow in Huawei P30
CVE-2021-22327
There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions incl…
Vulnerability class: Buffer Overflow
EPSS: 0.005 (41.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H.
Affected products
- Huawei P30
- Huawei P30_firmware — versions 10.0.0.186\(c10e7r5p1\), 10.0.0.186\(c461e4r3p1\), 10.0.0.188\(c00e85r2p11\)
- N/a Huawei P30 — versions 10.0.0.186(C10E7R5P1),10.0.0.186(C461E4R3P1),10.0.0.188(C00E85R2P11),10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3),10.0.0.190(C185E4R7P1),10.0.0.190(C431E22R2P5),10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3),10.0.0.190(C636E4R3P4),10.0.0.192(C635E3R2P4)
Weakness classification (CWE)
References
- psirt@huawei.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-22327?
- CVE-2021-22327 is a medium-severity vulnerability in Huawei P30, classified under Out-of-bounds Write. CVSS score: 6.5/10. Published 2021-04-28.
- How severe is CVE-2021-22327?
- Medium severity. CVSS v3 base score is 6.5 out of 10.