CVE-2021-22403
CRITICALHuawei EMUI and Magic UI - Unverified Provider Hijacking
Title source: llmDescription
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://consumer.huawei.com/en/support/bulletin/2021/7/
Scores
CVSS v3
9.8
EPSS
0.0021
EPSS Percentile
42.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (11)
huawei/emui
9.1.0
huawei/emui
9.1.1
huawei/emui
10.0.0
huawei/emui
10.1.0
huawei/emui
10.1.1
huawei/emui
11.0.0
huawei/magic_ui
2.1.1
huawei/magic_ui
3.0.0
huawei/magic_ui
3.1.0
huawei/magic_ui
3.1.1
... and 1 more
Published
Oct 28, 2021
Tracked Since
Feb 18, 2026