CVE-2021-40055

Sažetak

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.

Reference

https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202203-0000001257385193
https://consumer.huawei.com/en/support/bulletin/2022/3/

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	COMPLETE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:C/A:N

Zadnje važnije ažuriranje

14-03-2022 - 15:53

Objavljeno

10-03-2022 - 17:43