CVE-2021-40046 – CVE-2021-40046 is a privilege escalation vulner... (How to Fix)

Q: What is the severity of CVE-2021-40046?

CVE-2021-40046 has a CVSS score of 9.8 (CRITICAL). CVE-2021-40046 is a privilege escalation vulnerability in Huawei PCManager version 11.1.1.95 that allows attackers to access resources beyond their authorized privileges. This affects users running the vulnerable version of Huawei PCManager software on their systems. Successful exploitation could lead to unauthorized system access and control.

📋 TL;DR

CVE-2021-40046 is a privilege escalation vulnerability in Huawei PCManager version 11.1.1.95 that allows attackers to access resources beyond their authorized privileges. This affects users running the vulnerable version of Huawei PCManager software on their systems. Successful exploitation could lead to unauthorized system access and control.

💻 Affected Systems

Products:

Huawei PCManager

Versions: 11.1.1.95

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects Huawei PCManager version 11.1.1.95 on Windows systems. Other versions and operating systems are not affected.

📦 What is this software?

Pcmanager by Huawei

View all CVEs affecting Pcmanager →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attacker gains full system administrator privileges, installs malware, steals sensitive data, and establishes persistent access to the compromised system.

🟠

Likely Case

Local attacker escalates privileges to install unauthorized software, modify system settings, or access protected files and resources.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to isolated systems with minimal data exposure.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires local access to the system. No public proof-of-concept has been released as of the advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 11.1.1.95

Vendor Advisory: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220216-01-priesc-en

Restart Required: Yes

Instructions:

1. Open Huawei PCManager. 2. Check for updates in settings. 3. Install available updates. 4. Restart the computer to complete installation.

🔧 Temporary Workarounds

Uninstall PCManager

windows

Remove the vulnerable software entirely if not needed

Control Panel > Programs > Uninstall a program > Select Huawei PCManager > Uninstall

Restrict Local Access

all

Limit physical and remote access to systems with vulnerable software

🧯 If You Can't Patch

Implement strict access controls to limit who can log into affected systems
Monitor for unusual privilege escalation attempts and file access patterns

🔍 How to Verify

Check if Vulnerable:

Check PCManager version: Open PCManager > Settings > About. If version is 11.1.1.95, system is vulnerable.

Check Version:

wmic product where name="Huawei PCManager" get version

Verify Fix Applied:

Verify PCManager version is higher than 11.1.1.95 and check that no privilege escalation attempts are successful.

📡 Detection & Monitoring

Log Indicators:

Unexpected privilege escalation events
Unauthorized access to protected system resources
PCManager process spawning with elevated privileges

Network Indicators:

None - this is a local privilege escalation vulnerability

SIEM Query:

EventID=4688 AND ProcessName="PCManager.exe" AND NewProcessName contains "cmd.exe" OR "powershell.exe"

📊 Metadata

CVE ID: CVE-2021-40046

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Published: February 25, 2022

Last Updated: November 21, 2024

🔗 References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220216-01-priesc-en Vendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220216-01-priesc-en Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON