{"api_version":"1","generated_at":"2026-04-23T06:20:37+00:00","cve":"CVE-2021-22330","urls":{"html":"https://cve.report/CVE-2021-22330","api":"https://cve.report/api/cve/CVE-2021-22330.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-22330","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-22330"},"summary":{"title":"CVE-2021-22330","description":"There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.","state":"PUBLIC","assigner":"psirt@huawei.com","published_at":"2021-04-28 12:15:00","updated_at":"2021-05-08 02:49:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en","name":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en","refsource":"MISC","tags":[],"title":"Security Advisory - Out of Bounds Write Vulnerability in Huawei Smartphone","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-22330","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22330","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"22330","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"huawei","cpe5":"p30","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"22330","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"huawei","cpe5":"p30_firmware","cpe6":"9.1.0.131\\(c00e130r1p21\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-22330","ASSIGNER":"psirt@huawei.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"HUAWEI P30","version":{"version_data":[{"version_value":"9.1.0.131(C00E130R1P21)"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Out of Bounds Write"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en","url":"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en"}]},"description":{"description_data":[{"lang":"eng","value":"There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal."}]}},"nvd":{"publishedDate":"2021-04-28 12:15:00","lastModifiedDate":"2021-05-08 02:49:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:N/I:N/A:P","accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":3.3},"severity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:huawei:p30_firmware:9.1.0.131\\(c00e130r1p21\\):*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"22330","Ordinal":"197033","Title":"CVE-2021-22330","CVE":"CVE-2021-22330","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"22330","Ordinal":"1","NoteData":"There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"22330","Ordinal":"2","NoteData":"2021-04-28","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"22330","Ordinal":"3","NoteData":"2021-04-28","Type":"Other","Title":"Modified"}]}}}