CVE-2021-22296 - A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability

CVE-2021-22296

Summary

A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.

References

https://device.harmonyos.com/cn/console/safetyDetail?id=9145efa5d9064d94a7fc3968b6054d83&pageSize=10&pageIndex=1
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2021/2021-03.md
https://www.tenable.com/cve/CVE-2021-22296

Vulnerable Configurations

cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*
cpe:2.3:o:huawei:harmonyos:2.0:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 09-03-2021 - 14:06)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

Last major update

09-03-2021 - 14:06

Published

02-03-2021 - 19:15

Last modified

09-03-2021 - 14:06