EMUI
These 5 privacy issues on EMUI software system solved with April 2021 security improvements
Huawei is always worried about their consumer’s device security and privacy. In this segment, every month the company delivered a security patch for its devices that fixes the different levels of exploits and issues.
Recently, Huawei has released the April 2021 security improvements that enhance system security and boost overall device performance. The April 2021 security 17 high and 69 medium levels of CVE, which defend the device against threats.
Additionally, this security update listed some known issues, which are resolved with the latest update. These issues are often surfaced in different EMUI and Magic UI versions.
Here’s the question arrive, from where these issues met the device? When we install the security updates, these are the hidden and harmful things that come with them. These are very dangerous because they give the opportunity to the hacker to step foot in your device.
With every monthly security note, Huawei tries to find and fix them for user’s device safety. Check the solved CVE details, risk level, impact, and more listed below:
CVE 1:
CVE-2021-22333: Integer overflow vulnerability in some Huawei phones
Risk Level: High
EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact of this CVE on the device: Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
CVE 2:
CVE-2021-22334: Malicious Wi-Fi construction vulnerability in some Huawei phones
Risk Level: Medium
EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0
Impact of this CVE on the device: Successful exploitation of this vulnerability may cause app redirections.
CVE 3:
CVE-2021-22335: Heap overflow vulnerability in some Huawei phones
Risk Level: Medium
EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact of this CVE on the device: Successful exploitation of this vulnerability may cause exceptions in image processing.
CVE 4:
CVE-2021-22336: DoS vulnerability in some Huawei phones
Risk Level: Medium
EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0
Impact of this CVE on the device: Successful exploitation of this vulnerability may cause a denial of security services on a rooted device.
CVE 5:
CVE-2021-22337: Information leak vulnerability in some Huawei phones
Risk Level: Medium
EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0,EMUI 8.0,Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1
Impact of this CVE on the device: Successful exploitation of this vulnerability may cause leaking of user click data.