cvelistv5 - CVE-2021-22399

CVE-2021-22399 (GCVE-0-2021-22399)

Vulnerability from cvelistv5 – Published: 2021-07-13 11:37 – Updated: 2024-08-03 18:44

Summary

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).

Severity ?

No CVSS data available.

CWE

Bluetooth Function Denial of Service

Assigner

huawei

References

URL

Tags

https://www.huawei.com/en/psirt/security-advisori…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	HUAWEI P30	Affected: 10.0.0.195(C432E22R2P5),10.0.0.200(C00E85R2P11),10.0.0.200(C461E6R3P1),10.0.0.201(C10E7R5P1),10.0.0.201(C185E4R7P1),10.0.0.206(C605E19R1P3),10.0.0.209(C636E6R3P4),10.0.0.210(C635E3R2P4),Versions earlier than 10.1.0.165(C01E165R2P11)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:44:12.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HUAWEI P30",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "10.0.0.195(C432E22R2P5),10.0.0.200(C00E85R2P11),10.0.0.200(C461E6R3P1),10.0.0.201(C10E7R5P1),10.0.0.201(C185E4R7P1),10.0.0.206(C605E19R1P3),10.0.0.209(C636E6R3P4),10.0.0.210(C635E3R2P4),Versions earlier than 10.1.0.165(C01E165R2P11)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Bluetooth Function Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-13T11:37:25",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2021-22399",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HUAWEI P30",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0.0.195(C432E22R2P5),10.0.0.200(C00E85R2P11),10.0.0.200(C461E6R3P1),10.0.0.201(C10E7R5P1),10.0.0.201(C185E4R7P1),10.0.0.206(C605E19R1P3),10.0.0.209(C636E6R3P4),10.0.0.210(C635E3R2P4),Versions earlier than 10.1.0.165(C01E165R2P11)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Bluetooth Function Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en",
              "refsource": "MISC",
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2021-22399",
    "datePublished": "2021-07-13T11:37:25",
    "dateReserved": "2021-01-05T00:00:00",
    "dateUpdated": "2024-08-03T18:44:12.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.195\\\\(c432e22r2p5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91183616-37B2-4A12-8618-CC67E5599A0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\\\(c00e85r2p11\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7CC6D39-258F-467B-8F30-8156AAE82E89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\\\(c461e6r3p1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"462708E7-4D60-4786-B2B0-966FC2234BF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\\\(c10e7r5p1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"730A2C08-9C3E-4794-9876-206164AADAD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\\\(c185e4r7p1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA40C584-80A1-49A5-A346-7F316A4640FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.206\\\\(c605e19r1p3\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6474BF29-4980-45AC-A5BE-463E37EDC828\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.209\\\\(c636e6r3p4\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"731B92DD-7072-421E-B4FE-088E5FCE0805\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:10.0.0.210\\\\(c635e3r2p4\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D840C42-60E5-4E0D-892F-8D90ED74FD55\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21EE286C-8111-4F59-8CF1-13C68EA76B21\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.1.0.165\\\\(c01e165r2p11\\\\)\", \"matchCriteriaId\": \"8A7CBB9B-878D-48E6-9AB2-F69FE744065D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21EE286C-8111-4F59-8CF1-13C68EA76B21\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n Bluetooth de algunos smartphones de Huawei presenta una vulnerabilidad DoS. Los atacantes pueden instalar aplicaciones de terceros para enviar transmisiones espec\\u00edficas, causando un bloqueo al m\\u00f3dulo Bluetooth. Esta vulnerabilidad es explotada con \\u00e9xito para causar que la funci\\u00f3n Bluetooth se vuelva anormal. Las versiones de producto afectadas incluyen: HUAWEI P30 versi\\u00f3n 10.0.0.195(C432E22R2P5), versi\\u00f3n 10.0.0.200(C00E85R2P11), versi\\u00f3n 10.0.0.200(C461E6R3P1), versi\\u00f3n 10.0.0.201(C10E7R5P1), versi\\u00f3n 10.0.0.201(C185E4R7P1), versi\\u00f3n 10. Versi\\u00f3n 0.0.206(C605E19R1P3), versi\\u00f3n 10.0.0.209(C636E6R3P4), versi\\u00f3n 10.0.0.210(C635E3R2P4), y versiones anteriores a  10.1.0.165(C01E165R2P11)\"}]",
      "id": "CVE-2021-22399",
      "lastModified": "2024-11-21T05:50:03.067",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-07-13T12:15:09.820",
      "references": "[{\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-22399\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2021-07-13T12:15:09.820\",\"lastModified\":\"2024-11-21T05:50:03.067\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n Bluetooth de algunos smartphones de Huawei presenta una vulnerabilidad DoS. Los atacantes pueden instalar aplicaciones de terceros para enviar transmisiones espec\u00edficas, causando un bloqueo al m\u00f3dulo Bluetooth. Esta vulnerabilidad es explotada con \u00e9xito para causar que la funci\u00f3n Bluetooth se vuelva anormal. Las versiones de producto afectadas incluyen: HUAWEI P30 versi\u00f3n 10.0.0.195(C432E22R2P5), versi\u00f3n 10.0.0.200(C00E85R2P11), versi\u00f3n 10.0.0.200(C461E6R3P1), versi\u00f3n 10.0.0.201(C10E7R5P1), versi\u00f3n 10.0.0.201(C185E4R7P1), versi\u00f3n 10. Versi\u00f3n 0.0.206(C605E19R1P3), versi\u00f3n 10.0.0.209(C636E6R3P4), versi\u00f3n 10.0.0.210(C635E3R2P4), y versiones anteriores a  10.1.0.165(C01E165R2P11)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.195\\\\(c432e22r2p5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91183616-37B2-4A12-8618-CC67E5599A0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\\\(c00e85r2p11\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7CC6D39-258F-467B-8F30-8156AAE82E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\\\(c461e6r3p1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"462708E7-4D60-4786-B2B0-966FC2234BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\\\(c10e7r5p1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"730A2C08-9C3E-4794-9876-206164AADAD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\\\(c185e4r7p1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA40C584-80A1-49A5-A346-7F316A4640FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.206\\\\(c605e19r1p3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6474BF29-4980-45AC-A5BE-463E37EDC828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.209\\\\(c636e6r3p4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"731B92DD-7072-421E-B4FE-088E5FCE0805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:10.0.0.210\\\\(c635e3r2p4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D840C42-60E5-4E0D-892F-8D90ED74FD55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21EE286C-8111-4F59-8CF1-13C68EA76B21\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.1.0.165\\\\(c01e165r2p11\\\\)\",\"matchCriteriaId\":\"8A7CBB9B-878D-48E6-9AB2-F69FE744065D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21EE286C-8111-4F59-8CF1-13C68EA76B21\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2021-22399

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-22399

Aliases

CVE-2021-22399

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-22399",
    "description": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).",
    "id": "GSD-2021-22399"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-22399"
      ],
      "details": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).",
      "id": "GSD-2021-22399",
      "modified": "2023-12-13T01:23:24.815152Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2021-22399",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "HUAWEI P30",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "10.0.0.195(C432E22R2P5),10.0.0.200(C00E85R2P11),10.0.0.200(C461E6R3P1),10.0.0.201(C10E7R5P1),10.0.0.201(C185E4R7P1),10.0.0.206(C605E19R1P3),10.0.0.209(C636E6R3P4),10.0.0.210(C635E3R2P4),Versions earlier than 10.1.0.165(C01E165R2P11)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Bluetooth Function Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en",
            "refsource": "MISC",
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.195\\(c432e22r2p5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c00e85r2p11\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c461e6r3p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c10e7r5p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c185e4r7p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.206\\(c605e19r1p3\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.209\\(c636e6r3p4\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.210\\(c635e3r2p4\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.1.0.165\\(c01e165r2p11\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2021-22399"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-07-15T22:27Z",
      "publishedDate": "2021-07-13T12:15Z"
    }
  }
}

VAR-202107-0362

Vulnerability from variot - Updated: 2023-12-18 10:49

There is an input verification error vulnerability in Huawei P30. The vulnerability stems from a vulnerability in the Bluetooth module of the product when processing broadcast data. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202107-0362",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "p30",
        "scope": null,
        "trust": 1.4,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.201\\(c185e4r7p1\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.195\\(c432e22r2p5\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.200\\(c00e85r2p11\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.210\\(c635e3r2p4\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.206\\(c605e19r1p3\\)"
      },
      {
        "model": "p30",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.1.0.165\\(c01e165r2p11\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.200\\(c461e6r3p1\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.209\\(c636e6r3p4\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "huawei",
        "version": "10.0.0.201\\(c10e7r5p1\\)"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": "p30  firmware"
      },
      {
        "model": "p30",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "huawei",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.195\\(c432e22r2p5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c00e85r2p11\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c461e6r3p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c10e7r5p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c185e4r7p1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.206\\(c605e19r1p3\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.209\\(c636e6r3p4\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:10.0.0.210\\(c635e3r2p4\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.1.0.165\\(c01e165r2p11\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vulnerability was discovered by an external security researcher",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-22399",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 2.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-22399",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2021-51440",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-22399",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-22399",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-51440",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202107-359",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-22399",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11). plural  Huawei There are unspecified vulnerabilities in smartphones.Denial of service  (DoS) It may be put into a state. Huawei P30 is a smart phone of China\u0027s Huawei (Huawei) company. \n\r\n\r\nThere is an input verification error vulnerability in Huawei P30. The vulnerability stems from a vulnerability in the Bluetooth module of the product when processing broadcast data. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-22399",
        "trust": 3.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021070716",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "id": "VAR-202107-0362",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      }
    ],
    "trust": 1.1708912599999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:49:18.320000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20210707-03-dos",
        "trust": 0.8,
        "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
      },
      {
        "title": "Patch for Huawei P30 input verification error vulnerability (CNVD-2021-51440)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/279316"
      },
      {
        "title": "Huawei P30 Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=156195"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22399"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021070716"
      },
      {
        "trust": 0.6,
        "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210707-03-dos-cn"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-07-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "date": "2021-07-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "date": "2022-04-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "date": "2021-07-13T12:15:09.820000",
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "date": "2021-07-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-07-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-51440"
      },
      {
        "date": "2021-07-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-22399"
      },
      {
        "date": "2022-04-18T07:03:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      },
      {
        "date": "2021-07-15T22:27:15.447000",
        "db": "NVD",
        "id": "CVE-2021-22399"
      },
      {
        "date": "2021-07-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0Huawei\u00a0 Vulnerability in smartphones",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-009234"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202107-359"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2021-51440

Vulnerability from cnvd - Published: 2021-07-16

Title

Huawei P30输入验证错误漏洞（CNVD-2021-51440）

Description

Huawei P30是中国华为（Huawei）公司的一款智能手机。 Huawei P30 中存在输入验证错误漏洞，该漏洞源于该产品的蓝牙模块处理广播数据时存在漏洞，攻击者可利用该漏洞安装该应用发送特定广播导致目标设备蓝牙模块崩溃。

Severity

低

Patch Name

Huawei P30输入验证错误漏洞（CNVD-2021-51440）的补丁

Patch Description

Huawei P30是中国华为（Huawei）公司的一款智能手机。 Huawei P30 中存在输入验证错误漏洞，该漏洞源于该产品的蓝牙模块处理广播数据时存在漏洞，攻击者可利用该漏洞安装该应用发送特定广播导致目标设备蓝牙模块崩溃。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210707-03-dos-cn

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-22399

Impacted products

Name
Huawei P30

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-22399"
    }
  },
  "description": "Huawei P30\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u667a\u80fd\u624b\u673a\u3002\n\nHuawei P30 \u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8be5\u4ea7\u54c1\u7684\u84dd\u7259\u6a21\u5757\u5904\u7406\u5e7f\u64ad\u6570\u636e\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5b89\u88c5\u8be5\u5e94\u7528\u53d1\u9001\u7279\u5b9a\u5e7f\u64ad\u5bfc\u81f4\u76ee\u6807\u8bbe\u5907\u84dd\u7259\u6a21\u5757\u5d29\u6e83\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210707-03-dos-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-51440",
  "openTime": "2021-07-16",
  "patchDescription": "Huawei P30\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u667a\u80fd\u624b\u673a\u3002\r\n\r\nHuawei P30 \u4e2d\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8be5\u4ea7\u54c1\u7684\u84dd\u7259\u6a21\u5757\u5904\u7406\u5e7f\u64ad\u6570\u636e\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5b89\u88c5\u8be5\u5e94\u7528\u53d1\u9001\u7279\u5b9a\u5e7f\u64ad\u5bfc\u81f4\u76ee\u6807\u8bbe\u5907\u84dd\u7259\u6a21\u5757\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Huawei P30\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-51440\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Huawei P30"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-22399",
  "serverity": "\u4f4e",
  "submitTime": "2021-07-09",
  "title": "Huawei P30\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2021-51440\uff09"
}

FKIE_CVE-2021-22399

Vulnerability from fkie_nvd - Published: 2021-07-13 12:15 - Updated: 2024-11-21 05:50

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@huawei.com	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	p30_firmware	10.0.0.195\(c432e22r2p5\)
huawei	p30_firmware	10.0.0.200\(c00e85r2p11\)
huawei	p30_firmware	10.0.0.200\(c461e6r3p1\)
huawei	p30_firmware	10.0.0.201\(c10e7r5p1\)
huawei	p30_firmware	10.0.0.201\(c185e4r7p1\)
huawei	p30_firmware	10.0.0.206\(c605e19r1p3\)
huawei	p30_firmware	10.0.0.209\(c636e6r3p4\)
huawei	p30_firmware	10.0.0.210\(c635e3r2p4\)
huawei	p30	-
huawei	p30_firmware	*
huawei	p30	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.195\\(c432e22r2p5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "91183616-37B2-4A12-8618-CC67E5599A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c00e85r2p11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D7CC6D39-258F-467B-8F30-8156AAE82E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.200\\(c461e6r3p1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "462708E7-4D60-4786-B2B0-966FC2234BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c10e7r5p1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "730A2C08-9C3E-4794-9876-206164AADAD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.201\\(c185e4r7p1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DA40C584-80A1-49A5-A346-7F316A4640FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.206\\(c605e19r1p3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6474BF29-4980-45AC-A5BE-463E37EDC828",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.209\\(c636e6r3p4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "731B92DD-7072-421E-B4FE-088E5FCE0805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:10.0.0.210\\(c635e3r2p4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7D840C42-60E5-4E0D-892F-8D90ED74FD55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A7CBB9B-878D-48E6-9AB2-F69FE744065D",
              "versionEndExcluding": "10.1.0.165\\(c01e165r2p11\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11)."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n Bluetooth de algunos smartphones de Huawei presenta una vulnerabilidad DoS. Los atacantes pueden instalar aplicaciones de terceros para enviar transmisiones espec\u00edficas, causando un bloqueo al m\u00f3dulo Bluetooth. Esta vulnerabilidad es explotada con \u00e9xito para causar que la funci\u00f3n Bluetooth se vuelva anormal. Las versiones de producto afectadas incluyen: HUAWEI P30 versi\u00f3n 10.0.0.195(C432E22R2P5), versi\u00f3n 10.0.0.200(C00E85R2P11), versi\u00f3n 10.0.0.200(C461E6R3P1), versi\u00f3n 10.0.0.201(C10E7R5P1), versi\u00f3n 10.0.0.201(C185E4R7P1), versi\u00f3n 10. Versi\u00f3n 0.0.206(C605E19R1P3), versi\u00f3n 10.0.0.209(C636E6R3P4), versi\u00f3n 10.0.0.210(C635E3R2P4), y versiones anteriores a  10.1.0.165(C01E165R2P11)"
    }
  ],
  "id": "CVE-2021-22399",
  "lastModified": "2024-11-21T05:50:03.067",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-13T12:15:09.820",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-WWHM-FHM5-GRJM

Vulnerability from github – Published: 2022-05-24 19:07 – Updated: 2022-05-24 19:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-22399"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-13T12:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).",
  "id": "GHSA-wwhm-fhm5-grjm",
  "modified": "2022-05-24T19:07:37Z",
  "published": "2022-05-24T19:07:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22399"
    },
    {
      "type": "WEB",
      "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-22399 (GCVE-0-2021-22399)

GSD-2021-22399

VAR-202107-0362

CNVD-2021-51440

FKIE_CVE-2021-22399

GHSA-WWHM-FHM5-GRJM

Tags

Sightings

Nomenclature