Timing Design Flaw in Huawei Smartphones
CVE-2021-37110

7.5HIGH

Key Information:

Vendor: Huawei
Status: Emui;magic Ui;harmony Os
Vendor: CVE Published:; 3 January 2022

Summary

A timing design flaw has been identified in Huawei smartphones. This vulnerability could potentially allow an attacker to exploit service confidentiality, posing a threat to user data and system integrity. Users are advised to stay updated with security patches to mitigate risks associated with this issue.

Affected Version(s)

EMUI;Magic UI;Harmony OS EMUI 11.0.1,EMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0,EMUI 9.1.1,EMUI 9.1.0

EMUI;Magic UI;Harmony OS Magic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0,Magic UI 2.1.1

EMUI;Magic UI;Harmony OS Harmony OS 2.0

References

https://consumer.huawei.com/en/support/bulletin/2021/11/

x_refsource_MISC

https://device.harmonyos.com/en/docs/security/update/secu...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 3, 2022
Vulnerability Reserved
Jul 20, 2021