Vulnerability Description
Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform unauthenticated operations. Affected product versions include:E3372 E3372h-153TCPU-V200R002B333D01SP00C00.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | E3372 Firmware | < 22.333.03.00.00 |
| Huawei | E3372 | - |
| Huawei | E8372 Firmware | < 21.333.03.00.00 |
| Huawei | E8372 | - |
Related Weaknesses (CWE)
References
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-permisVendor Advisory
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-permisVendor Advisory
FAQ
What is CVE-2021-22382?
CVE-2021-22382 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. Afte...
How severe is CVE-2021-22382?
CVE-2021-22382 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22382?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei E3372 Firmware, Huawei E3372, Huawei E8372 Firmware, Huawei E8372.