What is CVE-2021-22399?

CVE-2021-22399 is a DoS vulnerability in the Bluetooth function of some Huawei smartphones.

How can CVE-2021-22399 be exploited?

Attackers can exploit CVE-2021-22399 by installing third-party apps to send specific broadcasts, causing the Bluetooth module to crash.

Is the HUAWEI P30 affected by CVE-2021-22399?

No, the HUAWEI P30 is not affected by CVE-2021-22399.

How severe is CVE-2021-22399?

CVE-2021-22399 has a severity score of 5.5 (medium severity).

Vulnerability/
CVE-2021-22399

medium

5.5

13/7/2021

3/8/2024

CVE-2021-22399

Q: Which Huawei smartphones are affected by CVE-2021-22399?

Huawei P30 smartphones with firmware versions 10.0.0.195(c432e22r2p5), 10.0.0.200(c00e85r2p11), 10.0.0.200(c461e6r3p1), 10.0.0.201(c10e7r5p1), 10.0.0.201(c185e4r7p1), 10.0.0.206(c605e19r1p3), 10.0.0.209(c636e6r3p4), or 10.0.0.210(c635e3r2p4) are affected.

First published: Tue Jul 13 2021(Updated: )

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei P30 Firmware	=10.0.0.195\(c432e22r2p5\)
Huawei P30 Firmware	=10.0.0.200\(c00e85r2p11\)
Huawei P30 Firmware	=10.0.0.200\(c461e6r3p1\)
Huawei P30 Firmware	=10.0.0.201\(c10e7r5p1\)
Huawei P30 Firmware	=10.0.0.201\(c185e4r7p1\)
Huawei P30 Firmware	=10.0.0.206\(c605e19r1p3\)
Huawei P30 Firmware	=10.0.0.209\(c636e6r3p4\)
Huawei P30 Firmware	=10.0.0.210\(c635e3r2p4\)
HUAWEI P30
Huawei P30 Firmware	<10.1.0.165\(c01e165r2p11\)

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en

Frequently Asked Questions

What is CVE-2021-22399?
CVE-2021-22399 is a DoS vulnerability in the Bluetooth function of some Huawei smartphones.
How can CVE-2021-22399 be exploited?
Attackers can exploit CVE-2021-22399 by installing third-party apps to send specific broadcasts, causing the Bluetooth module to crash.
Which Huawei smartphones are affected by CVE-2021-22399?
Huawei P30 smartphones with firmware versions 10.0.0.195(c432e22r2p5), 10.0.0.200(c00e85r2p11), 10.0.0.200(c461e6r3p1), 10.0.0.201(c10e7r5p1), 10.0.0.201(c185e4r7p1), 10.0.0.206(c605e19r1p3), 10.0.0.209(c636e6r3p4), or 10.0.0.210(c635e3r2p4) are affected.
Is the HUAWEI P30 affected by CVE-2021-22399?
No, the HUAWEI P30 is not affected by CVE-2021-22399.
How severe is CVE-2021-22399?
CVE-2021-22399 has a severity score of 5.5 (medium severity).

collector/nvd-index
agent/references
agent/severity
agent/author
agent/type
agent/description
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/huawei
canonical/huawei p30 firmware
version/huawei p30 firmware/10.0.0.195\(c432e22r2p5\)
version/huawei p30 firmware/10.0.0.200\(c00e85r2p11\)
version/huawei p30 firmware/10.0.0.200\(c461e6r3p1\)
version/huawei p30 firmware/10.0.0.201\(c10e7r5p1\)
version/huawei p30 firmware/10.0.0.201\(c185e4r7p1\)
version/huawei p30 firmware/10.0.0.206\(c605e19r1p3\)
version/huawei p30 firmware/10.0.0.209\(c636e6r3p4\)
version/huawei p30 firmware/10.0.0.210\(c635e3r2p4\)
canonical/huawei p30

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.