CVE-2021-22327
Description
There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4).
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.162
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.192(c635e3r2p4) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.190(c636e4r3p4) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.190(c605e19r1p3) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.190(c432e22r2p5) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.190(c431e22r2p5) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.190(c185e4r7p1) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.188(c605e19r1p3) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.188(c01e88r2p11) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.188(c00e85r2p11) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.186(c461e4r3p1) | NCM |
| Vulnerabilities CVE-2021-22327 ,CVE-2021-22331 are affected in p30_firmware 10.0.0.186(c10e7r5p1) | NCM |
| Out-of-bounds Write Vulnerability (CVE-2021-22327) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234