In June 2021, Huawei has launched the HarmonyOS 2.0 operating system for smartphones. Following the launch, there are many smartphones and other devices are getting HarmonyOS updates in the form of beta. The company’s goal is to cover 100 devices soon.
Apart from the HarmonyOS, the company has also upgraded its device security patches. Now, Huawei has officially released the June 2021 EMUI and Magic UI security patch details, the security update includes the CVE (Common Vulnerabilities and Exposures). This security update includes the CVE announced in the June 2021 Android security bulletin. It includes 2 Criticals and 13 High levels of CVE’s.
According to the track record, the Common Vulnerabilities and Exposures (CVE) system tracks publicly known security vulnerabilities and exposures in publicly released software packages.
This security update includes the CVE announced in the June 2021 Android security bulletin.
Critical:CVE-2021-0516,CVE-2021-0507
High:CVE-2020-11292,CVE-2021-0504,CVE-2021-0508,CVE-2021-0509,CVE-2021-0510,CVE-2021-0511,CVE-2021-0506,CVE-2021-0517,CVE-2021-0520,CVE-2021-0521,CVE-2021-0522,CVE-2021-0523,CVE-2021-0505
Medium:none
Low: none
Already included in previous updates:CVE-2020-0009,CVE-2018-11985,CVE-2020-0478,CVE-2020-0473,CVE-2020-27054,CVE-2020-27046,CVE-2020-0298,CVE-2020-0299,CVE-2021-0446,CVE-2021-0487,CVE-2021-1906,CVE-2021-1905,CVE-2021-28663,CVE-2021-28664,CVE-2021-0493,CVE-2021-0494,CVE-2021-0495,CVE-2021-0496,CVE-2021-0497,CVE-2021-0498,CVE-2021-0491,CVE-2021-0490,CVE-2021-0489,CVE-2021-0492,CVE-2019-9358
This security update includes the following Huawei patches:
CVE-2021-22387: Deserialization vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0
Impact: Successful exploitation of this vulnerability may allow attempts to remotely execute commands.
CVE-2021-22381: Bluetooth protocol stack vulnerability in some Huawei phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may cause an infinite loop in DoS.
CVE-2021-22379: Integer overflow vulnerability in some Huawei phones
Severity: Low
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may cause DoS of Samgr.
CVE-2021-22376: Logic bypass vulnerability in some Huawei phones
Severity: High
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.
CVE-2021-22375: Logic bypass vulnerability in some Huawei phones
Severity: High
Affected versions: EMUI 10.1.1, Magic UI 3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.
