{"api_version":"1","generated_at":"2026-04-23T09:39:40+00:00","cve":"CVE-2021-22305","urls":{"html":"https://cve.report/CVE-2021-22305","api":"https://cve.report/api/cve/CVE-2021-22305.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-22305","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-22305"},"summary":{"title":"CVE-2021-22305","description":"There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service.","state":"PUBLIC","assigner":"psirt@huawei.com","published_at":"2021-02-06 03:15:00","updated_at":"2021-02-10 18:52:00"},"problem_types":["CWE-120"],"metrics":[],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-04-smartphone-en","name":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-04-smartphone-en","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Security Advisory - Buffer Overflow Vulnerability in Huawei Smartphone","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-22305","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22305","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"22305","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"mate_30","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22305","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"mate_30","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22305","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"mate_30","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22305","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"huawei","cpe5":"mate_30_firmware","cpe6":"10.1.0.126\\(c00e125r5p3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22305","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"huawei","cpe5":"mate_30_firmware","cpe6":"10.1.0.126\\(c00e125r5p3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-22305","ASSIGNER":"psirt@huawei.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"HUAWEI Mate 30","version":{"version_data":[{"version_value":"10.1.0.126(C00E125R5P3)"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Buffer Overflow"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-04-smartphone-en","url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210127-04-smartphone-en"}]},"description":{"description_data":[{"lang":"eng","value":"There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service."}]}},"nvd":{"publishedDate":"2021-02-06 03:15:00","lastModifiedDate":"2021-02-10 18:52:00","problem_types":["CWE-120"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW","baseScore":3.3,"baseSeverity":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:huawei:mate_30_firmware:10.1.0.126\\(c00e125r5p3\\):*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"22305","Ordinal":"197008","Title":"CVE-2021-22305","CVE":"CVE-2021-22305","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"22305","Ordinal":"1","NoteData":"There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"22305","Ordinal":"2","NoteData":"2021-02-05","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"22305","Ordinal":"3","NoteData":"2021-02-05","Type":"Other","Title":"Modified"}]}}}