CVE-2021-22398

Name of the Vulnerable Software and Affected Versions Hulk-AL00C version 9.1.1.201(C00E201R8P1) Jennifer-AN00C version 10.1.1.171(C00E170R6P3) Jenny-AL10B version 10.1.0.228(C00E220R5P1) OxfordPL-AN10B version 10.1.0.116(C00E110R2P1)

Description The issue is related to a logic error in the software of several smartphones, specifically when the Digital Balance function is enabled. This error does not properly restrict certain operations, which could allow an attacker to bypass the Digital Balance limit after performing a series of operations. The vulnerability is associated with authorization errors.

Recommendations For Hulk-AL00C version 9.1.1.201(C00E201R8P1), consider disabling the Digital Balance function until a patch is available. For Jennifer-AN00C version 10.1.1.171(C00E170R6P3), restrict operations related to the Digital Balance limit to minimize the risk of exploitation. For Jenny-AL10B version 10.1.0.228(C00E220R5P1), avoid using the Digital Balance function in a way that could trigger the bypass of the limit. For OxfordPL-AN10B version 10.1.0.116(C00E110R2P1), as a temporary workaround, consider limiting the use of the Digital Balance function to essential operations only.