CVE-2021-40040

Summary

Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.

Affected Software

VendorProductVersion RangeStatus
n/aHarmonyOS;EMUI;Magic UIHarmonyOS 2.0affected
n/aHarmonyOS;EMUI;Magic UIEMUI 11.0.0,EMUI 10.1.1,EMUI 10.1.0,EMUI 10.0.0affected
n/aHarmonyOS;EMUI;Magic UIMagic UI 4.0.0,Magic UI 3.1.1,Magic UI 3.1.0,Magic UI 3.0.0affected

Weaknesses

  • Write data to arbitrary address vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References