EMUI September 2021 Security Patch Details
In June 2021, Huawei launched the HarmonyOS 2.0 operating system for smartphones. Following the launch, there are many smartphones and other devices that are getting HarmonyOS updates in the form of beta and stable. The company’s goal is to cover 100 devices soon.
Apart from the HarmonyOS, the company has also upgraded its device security patches. Now, Huawei has officially released the September 2021 EMUI and Magic UI security patch details, the security update includes the CVE (Common Vulnerabilities and Exposures). This security update includes the CVE announced in the September 2021 security bulletin. It includes 2 Critical, and 18 High levels of CVE’s.
According to the track record, the Common Vulnerabilities and Exposures (CVE) system tracks publicly known security vulnerabilities and exposures in publicly released software packages.
This security update includes the CVE announced in the Android security bulletin.
Critical: CVE-2021-1976, CVE-2021-1972
High: CVE-2021-0591, CVE-2021-0593, CVE-2021-0640, CVE-2021-0641, CVE-2021-0642, CVE-2021-0646, CVE-2021-0584, CVE-2021-1939, CVE-2021-1947, CVE-2020-14381, CVE-2021-1904, CVE-2021-0573, CVE-2021-0574, CVE-2021-0576, CVE-2021-0579, CVE-2021-0580, CVE-2021-0581, CVE-2021-0582
Medium: none
Low: none
Already included in previous updates: CVE-2019-9239, CVE-2019-9238, CVE-2019-9309, CVE-2021-0592
This security update includes the following HUAWEI patches:
CVE-2021-22376: Logic bypass vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.
CVE-2021-22325: Video streaming vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0
Impact: Successful exploitation of this vulnerability may result in video streams being intercepted during wired projections.
CVE-2021-22486: Unstandardized field names in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22436: Logic bypass vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service integrity and availability.
CVE-2021-22435: Logic bypass vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.
CVE-2021-33909: Privilege escalation vulnerability in the file system components of some HUAWEI devices
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22372: Logic bypass vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22370: Improper verification vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22343: Logic bypass vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service integrity and availability.
CVE-2021-22334: Malicious Wi-Fi construction vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.0, Magic UI 3.1.0
Impact: Successful exploitation of this vulnerability may cause app redirections.
CVE-2021-37009: Multi-user settings vulnerability in the system components of some HUAWEI devices
Severity: High
Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37027: DoS vulnerability in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 10.1.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2021-22322: Logic bypass vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Related:
Okay, so you're sitting in your favorite café, scrolling through Instagram, and suddenly your WiFi…
Your Huawei phone won't charge. You plug it in, nothing happens. Before you panic or…
Locked out of your Huawei phone? Don't panic. Whether you've forgotten your password, PIN, pattern,…
Is your Huawei phone dying in just a few hours? You're not alone. Battery drain…
Huawei is getting ready to release a new super-thin phone called the Mate 70 Air.…
Tipster Digital Chat Station has confirmed that the Chinese tech giant Huawei will release new…