CVE-2021-22327
MEDIUMHuawei P30 Firmware - Out-of-bounds Write via File Parsing
Title source: llmDescription
There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4).
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-smartphone-en
Scores
CVSS v3
6.5
EPSS
0.0016
EPSS Percentile
36.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (11)
huawei/p30_firmware
10.0.0.186\(c10e7r5p1\)
huawei/p30_firmware
10.0.0.186\(c461e4r3p1\)
huawei/p30_firmware
10.0.0.188\(c00e85r2p11\)
huawei/p30_firmware
10.0.0.188\(c01e88r2p11\)
huawei/p30_firmware
10.0.0.188\(c605e19r1p3\)
huawei/p30_firmware
10.0.0.190\(c185e4r7p1\)
huawei/p30_firmware
10.0.0.190\(c431e22r2p5\)
huawei/p30_firmware
10.0.0.190\(c432e22r2p5\)
huawei/p30_firmware
10.0.0.190\(c605e19r1p3\)
huawei/p30_firmware
10.0.0.190\(c636e4r3p4\)
... and 1 more
Published
Apr 28, 2021
Tracked Since
Feb 18, 2026