Huawei News
Huawei released November 2021 EMUI security details, HarmonyOS global awaits
Huawei launched the HarmonyOS 2.0 operating system for smartphones in June this year. Following the launch, there are many smartphones and devices that were updated with the HarmonyOS updates in the form of beta and stable also the global users are still waiting to grab this major update. Recently, the 150 million HarmonyOS 2.0 upgrade device milestone has been achieved by the company.
Apart from the HarmonyOS, the company has also upgraded its device security patches. The November 2021 Huawei EMUI security patch is now live and it fixes 1 critical, 22 high levels of CVEs, 8 medium levels of CVEs while there’s no low level of CVEs. The November 2021 security patch also fixes 2 high levels of CVE as well as 8 levels of medium CVEs.
November 2021 EMUI security CVE details:
Critical: CVE-2020-11264
High: CVE-2020-15358, CVE-2021-0652, CVE-2021-0706, CVE-2021-0708, CVE-2021-0651, CVE-2021-0705, CVE-2021-0643, CVE-2021-0702, CVE-2021-0703, CVE-2021-30306, CVE-2021-30305, CVE-2021-27666, CVE-2021-29647, CVE-2020-29660, CVE-2021-1977, CVE-2020-24588, CVE-2021-1980, CVE-2020-24587, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26146
Medium: CVE-2021-0941, CVE-2021-31916, CVE-2021-1966, CVE-2021-0936, CVE-2021-0935, CVE-2021-1967, CVE-2019-25045, CVE-2021-0937
Low: None
This security update includes the CVE of other third-party library patches:
High: CVE-2021-32399, CVE-2020-17541
Medium: CVE-2020-14314, CVE-2019-20934, CVE-2020-25641, CVE-2020-35508, CVE-2020-12352, CVE-2020-24490, CVE-2021-3564, CVE-2021-0129
This security update includes the following HUAWEI patches:
CVE-2021-37110: Timing design defects in some HUAWEI devices
Severity: High
Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22481: Verification errors in some HUAWEI phones
Severity: Medium
Affected versions: EMUI11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37096: Input verification vulnerability in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.0, Magic UI 4.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37074: Race condition vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.0, Magic UI 3.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37069: Race condition vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI10.1.1, EMUI10.1.0, EMUI10.0.0, EMUI9.1.1, EMUI9.1.0, MagicUI4.0.0, MagicUI3.1.1, MagicUI3.1.0, MagicUI3.0.0, MagicUI2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37039: Input verification vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may cause Bluetooth DoS.
CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39973: Null pointer dereference in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 11.0.0, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may cause the kernel to break down.
CVE-2021-36988: Input verification vulnerability in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.0, Magic UI 3.1.0
Impact: Successful exploitation of this vulnerability may result in code execution.
CVE-2021-39966: Uninitialized AOD driver structure in some HUAWEI devices
Severity: High
Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37133: Unauthorized file access vulnerability in some HUAWEI phones
Severity: High
Affected versions: EMUI11.0.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37126: Unstrict URI verification vulnerability in some HUAWEI devices
Severity: High
Affected versions: EMUI11.0.0, EMUI10.1.1, MagicUI4.0.0, MagicUI3.1.1
Impact: Successful exploitation of this vulnerability may cause directory traversal attacks and affect confidentiality.
CVE-2021-37125: Input verification absence in some HUAWEI devices
Severity: Medium
Affected versions: EMUI11.0.0, EMUI10.1.1, MagicUI4.0.0, MagicUI3.1.1
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39974: Out-of-bounds read in some HUAWEI phones
Severity: Medium
Affected versions: EMUI 10.1.0, Magic UI 3.1.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39978: Security verification absence in some HUAWEI devices
Severity: Medium
Affected versions: EMUI10.1.0, EMUI10.0.0, EMUI9.1.0, MagicUI3.1.0, MagicUI3.0.0
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37112: Incomplete device version verification vulnerability due to the integrity protection defects of the PC version of HiSuite in some HUAWEI devices
Severity: Medium
Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0.
Huawei News
Huawei Petal Mail App will no longer be available for download
According to the official information, the Huawei released the delisting announcement of its Petal Mail App. The full text of the announcement is as follows: [translated]
Thank you for your continued attention and support to the Huawei Petal Mail App. In order to better adapt to the changing needs of product experience, service content and local markets, we have made strategic adjustments to the Huawei Petal Mail App.
The Petal Mail App will officially switch to the Email App on December 31, 2024, and the Petal Mail App will no longer be available for download from the App Store. The Petal Mail App you have installed can be used normally. We apologize for the inconvenience. You can continue to view, send or receive emails in the pre-installed Email App on your Huawei phone or use a computer browser to open the Petal Mail official website ( https://www.petalmail.com ), and your emails and personal data will not be lost.
Huawei News
Huawei Mate 70 lineup repair spare parts prices announced
Huawei released the Mate 70 series of mobile phones, with a starting price of 5,499 yuan. At present, the prices of spare parts for the new Mate 70 series have been announced on Huawei’s official website.
Huawei Mate 70 lineup repair spare parts prices announced
Battery and motherboard
Mate 70
Battery — 199
12GB+256GB — 2499
12GB+512GB — 2899
12GB+1TB — 3599
Mate 70 Pro
Battery — 199
12GB+256GB — 2899
12GB+512GB — 3299
12GB+1TB — 3999
Mate 70 Pro+
Battery — 299
16GB+512GB — 4399
16GB+1TB — 4899
Mate 70 RS
Battery — 299
16GB+512GB — 6499
16GB+1TB — 6999
Camera
Huawei News
Huawei FreeBuds Pro 4 official announcement
Huawei officially announced the new FreeBuds Pro 4 headphones. This is the first TWS headset equipped with HarmonyOS NEXT and will be officially launched at the Huawei Mate Brand Festival on November 26.
As can be seen from the poster, the headset adopts an in-ear design with black and gold color matching, and the overall shape is similar to the previous generation. With the support of the new system, FreeBuds Pro 4 is expected to bring more functional upgrades.
For reference, Huawei FreeBuds Pro 3 was released in September last year with an initial price of 1,499 yuan . It is equipped with the Kirin A2 chip that uses Polar code, supports Star Flash connection core technology and Bluetooth technology, and the new L2HC 3.0 protocol.