CWE-20

CVE-2021-22445

February 23, 2023 by

There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

CVE-2021-22452

February 23, 2023 by

A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.

CVE-2021-22457

February 23, 2023 by

A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write.

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.

CVE-2021-22381

February 23, 2023 by

There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS.

CVE-2021-22397

February 23, 2023 by

There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service.