PT-2021-15011 · Huawei · Huawei Lte Usb Dongle

Martin Rakhmanov

Published

2021-06-22

Updated

2021-06-29

CVE-2021-22382

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Huawei LTE USB Dongle products version E3372h-153TCPU-V200R002B333D01SP00C00

Description: The issue is related to an improper permission assignment, allowing an attacker to locally access and log in to a PC. The attacker can induce a user to install a specially crafted application, enabling them to perform unauthenticated operations.

Recommendations: For version E3372h-153TCPU-V200R002B333D01SP00C00, update to a version that fixes the improper permission assignment issue to prevent unauthenticated operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281

Related Identifiers

CVE-2021-22382

Affected Products

Huawei Lte Usb Dongle

PT-2021-15011 · Huawei · Huawei Lte Usb Dongle

CVE-2021-22382

Weakness Enumeration

Related Identifiers

Affected Products

References · 4