Connect with us

Updates

Huawei listed EMUI July 2021 security patch details

Published

on

EMUI July 2021 Security Patch Details Released

In June 2021, Huawei has launched the HarmonyOS 2.0 operating system for smartphones. Following the launch, there are many smartphones and other devices that are getting HarmonyOS updates in the form of beta and stable. The company’s goal is to cover 100 devices soon.

Apart from the HarmonyOS, the company has also upgraded its device security patches. Now, Huawei has officially released the July 2021 EMUI and Magic UI security patch details, the security update includes the CVE (Common Vulnerabilities and Exposures). This security update includes the CVE announced in the July 2021 Android security bulletin. It includes 28 Medium and 21 High levels of CVE’s.

According to the track record, the Common Vulnerabilities and Exposures (CVE) system tracks publicly known security vulnerabilities and exposures in publicly released software packages.

This security update includes the CVE announced in the July 2021 Android security bulletin.

Critical:none

Advertisement

High:CVE-2021-0599,CVE-2020-0417,CVE-2021-0585,CVE-2021-0586,CVE-2021-0587,CVE-2021-0588,CVE-2021-0589,CVE-2021-0590,CVE-2021-0594,CVE-2021-0596,CVE-2021-0597,CVE-2021-0486,CVE-2021-0600,CVE-2021-0601,CVE-2021-0602,CVE-2021-0604,CVE-2021-0441,CVE-2021-0478,CVE-2021-0512,CVE-2020-11267,CVE-2020-14305

Medium:CVE-2021-0534,CVE-2021-0535,CVE-2021-0537,CVE-2021-0538,CVE-2021-0539,CVE-2021-0541,CVE-2021-0542,CVE-2021-0544,CVE-2021-0545,CVE-2021-0546,CVE-2021-0547,CVE-2021-0548,CVE-2021-0549,CVE-2021-0553,CVE-2021-0555,CVE-2021-0556,CVE-2021-0557,CVE-2021-0558,CVE-2021-0559,CVE-2021-0561,CVE-2021-0562,CVE-2021-0564,CVE-2021-0567,CVE-2021-0569,CVE-2021-0570,CVE-2021-0572,CVE-2021-0606,CVE-2021-0605

Low: none

Already included in previous updates:CVE-2020-0267,CVE-2020-0478,CVE-2021-0489,CVE-2021-0490,CVE-2021-0491,CVE-2021-0492,CVE-2021-0493,CVE-2021-0494,CVE-2021-0495,CVE-2021-0496,CVE-2021-0497,CVE-2021-0498,CVE-2021-0571,CVE-2020-1971,CVE-2021-0563,CVE-2021-0513,CVE-2021-0368,CVE-2021-0536,CVE-2021-0529,CVE-2021-0530,CVE-2021-0526,CVE-2021-0532,CVE-2021-0533,CVE-2021-0525,CVE-2021-0527,CVE-2021-0528,CVE-2021-0531

For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

Advertisement

This security update includes the following Huawei patches:

CVE-2021-22475: Improper permission management vulnerability in some Huawei phones

Severity: Low

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Advertisement

CVE-2021-22394: Buffer overflow vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.

CVE-2021-36997: Low memory error in some Huawei devices due to the unlimited size of images to be parsed

Advertisement

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly.

CVE-2021-36996: Improper verification vulnerability in some Huawei devices

Severity: Low

Advertisement

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause transmission of certain virtual information.

CVE-2021-36995: Unauthorized file access vulnerability in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.

CVE-2021-36994: Trustlist strings being repeatedly inserted into the linked list in some Huawei devices due to race conditions

Severity: Low

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.

Advertisement

CVE-2021-36993: Memory leaks in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-36992: Public key verification vulnerability in some Huawei phones

Advertisement

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-36991: Unauthorized file access vulnerability in some Huawei devices due to unstandardized path input

Severity: Medium

Advertisement

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access.

CVE-2021-36990: Vulnerability of tampering with the kernel in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability may escalate permissions.

CVE-2021-36989: Kernel crash vulnerability in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may escalate permissions.

Advertisement

CVE-2021-36988: Parameter verification issues in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can affect service integrity.

CVE-2021-36987: Nodes in the linked list being freed for multiple times in some Huawei devices due to race conditions

Advertisement

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can cause the system to restart.

CVE-2021-36986: Vulnerability of tampering with the kernel in some Huawei phones

Severity: Medium

Advertisement

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may escalate permissions.

CVE-2021-36985: Code injection vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart.

CVE-2021-22491: Input verification vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

Advertisement

CVE-2021-22490: Permission verification vulnerability in some Huawei phones

Severity: Low

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect the device performance.

CVE-2021-22488: Unauthorized file access vulnerability in some Huawei phones

Advertisement

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.

CVE-2021-22487: Out-of-bounds read vulnerability in some Huawei phones

Severity: Medium

Advertisement

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-22486: Unstandardized field names in some Huawei phones

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22485: SSID vulnerability with Wi-Fi network connections in Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Advertisement

CVE-2021-22483: IP address spoofing vulnerability in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may cause DoS.

CVE-2021-22482: Uninitialized variable vulnerability in some Huawei devices

Advertisement

Severity: Low

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause transmission of invalid data.

CVE-2021-36998: Improper verification vulnerability in some devices

Severity: Low

Advertisement

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds.

CVE-2021-22474: Out-of-bounds memory access in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability may cause process exceptions.

CVE-2021-22473: Authentication vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Advertisement

CVE-2021-22472: Improper verification vulnerability in some Huawei phones

Severity: High

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22460: Boot restriction bypass vulnerability in some Huawei phones

Advertisement

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22455: Integer overflow vulnerability with the Always On Display (AOD) driver in some Huawei devices

Severity: Medium

Advertisement

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may escalate the permission to that of the root user.

CVE-2021-22450: Memory leaks in some Huawei devices due to exceptions when freeing memory

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability will exhaust system memory resources and cause the device to restart.

CVE-2021-22436: Logic bypass vulnerability in some Huawei devices

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service integrity and availability.

Advertisement

CVE-2021-22435: Logic bypass vulnerability in some Huawei devices

Severity: High

Affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service integrity and availability.

CVE-2021-22425: Nodes in the linked list being freed for multiple times in some Huawei devices due to race conditions

Advertisement

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can cause the system to restart.

CVE-2021-22423: Integer overflow vulnerability with the Always On Display (AOD) driver in some Huawei devices

Severity: High

Advertisement

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may escalate the permission to that of the root user.

CVE-2021-22422: Integer overflow vulnerability with the Always On Display (AOD) driver in some Huawei devices

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Advertisement

Impact: Successful exploitation of this vulnerability may escalate the permission to that of the root user.

CVE-2021-22419: Startup verification vulnerability with non-Huawei APKs in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may allow knock-off apps to run automatically.

Advertisement

CVE-2021-22418: Integer overflow vulnerability with the Always On Display (AOD) driver in some Huawei devices

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may escalate the permission to that of the root user.

CVE-2021-22417: Memory leaks and out-of-bounds access vulnerabilities in some Huawei phones

Advertisement

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of these vulnerabilities may escalate the permission to that of the root user.

CVE-2021-22407: Identity verification vulnerability due to unverified server when connecting Huawei phones to a computer via HiSuite

Severity: Low

Advertisement

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22406: Remote DoS vulnerability with the MeeTime app

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Advertisement

Impact: Successful exploitation of this vulnerability will cause the app to exit unexpectedly.

CVE-2021-22405: Configuration defects in some Huawei phones

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service availability.

Advertisement

CVE-2021-22404: Directory traversal vulnerability in Huawei phones

Severity: Low

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22403: Vulnerability of hijacking unverified providers in some Huawei phones

Advertisement

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.

CVE-2021-22402: DoS vulnerability in some Huawei phones

Severity: High

Advertisement

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause DoS attacks.

CVE-2021-22401: Remote DoS vulnerability in some Huawei phones

Severity: High

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability can affect service integrity.

CVE-2021-22395: Code injection vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Advertisement

CVE-2021-36999: Buffer overflow vulnerability in some Huawei devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.

CVE-2021-37000: Improper permission management vulnerability in some Huawei phones

Advertisement

Severity: High

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22367: Logic bypass vulnerability in some Huawei devices

Severity: High

Advertisement

Affected versions: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may lead to authentication bypass.

Join_Huawei_Update_Telegram_Channel

Huawei Apps Apk

Huawei Compass getting 14.1.0.325 2024 App update

Published

on

By

Huawei Compass and Huawei Camera update

Huawei Compass application is now getting the September 2024 App update, the all-new app update is rolling with version 14.1.0.325. The official changelog is still missing but we can assume the performance and stability may be improved. Below check the latest App APKs.

Download Huawei Compass Version 14.1.0.325 APK here.
Download Huawei Compass Version 14.1.0.321 APK here.
Download Huawei Camera Version 11.1.5.387 APK here.

Join HuaweiUpdate On Telegram for instant Huawei Updates. Follow us on Google news.

Huawei Compass and Huawei Camera update

Continue Reading

Huawei Apps Apk

Huawei Books September 2024 update rolling out

Published

on

By

Download the latest Huawei Books

Huawei has started sending the new update for the Huawei Books App. The latest September 2024 update comes with version 9.1.36.300 and the update size is approx 70 MB. Huawei Books offer a Global Digital Reading Platform. A treasure trove of eBooks, audiobooks, magazines, and comics for you to explore.

Smart Reading Experience
Night mode, adaptive reading in dark environments.

Portable Library Anytime Anywhere
Synchronize and save your books and note abstracts on the cloud, and reading records will never be lost.

Listen to Thousands of Stories
Audiobooks make you experience stories like never before, adding value to your day-to-day activities.

Download the latest Huawei Books APK

Huawei Books Latest APK

Advertisement
Continue Reading

Huawei Apps Apk

Huawei Browser September 2024 update brings 15.0.6.301 version

Published

on

By

Huawei Browser Update 2023

Huawei has started rolling out a new update to its Browser App. As per the changelog, users can now download the new version 15.0.6.301 and it includes the latest security patch. Huawei Browser offers you high-speed web browsing, convenient searching, and comprehensive privacy protection for HUAWEI smartphone users.

Huawei Browser Key Features

  • Search – Search instantly through the search bar.
  • Ultra fast speed – Access fast web browsing through HUAWEI Browser’s brand-new engine.
  • Night mode – Effectively reduce blue light to protect your eyes.
  • Private browsing – Keep your browsing activities and history private.
  • Saved passwords – Conveniently save your passwords for fast access to all of your favorite services.

Download the latest Huawei Browser App Apk

12.0.4.301 Huawei Browser App

Join HU On Telegram

Continue Reading

Most Popular