Connect with us

EMUI

These 5 privacy issues on EMUI software system solved with June 2021 security improvements

Published

on


June is really a hectic month for Huawei because HarmonyOS 2 beta closed as well as public beta testing is going on in China. Additionally, the company is also preparing to launch the next P-series flagship, Huawei P50 in the coming months.

But, the good thing is that the company never forgets to achieve its routine goals such as releasing the security patch details, the rollout of the software update, and improving its performance for its devices.

In this line, Huawei has recently kicked off the June 2021 security patch details that fix different levels of exploits and issues including 2 critical, and 13 high levels of CVEs for improved system security.

Fixing only bugs and vulnerabilities is sufficient for device system security?

The installation of security patch patches or software updates fixes some unknown hidden privacy issues that entered the device, these could be very harmful to users.

The issues can help the hackers or make it easier for them to enter into your device. These hackers can leak and stole your private and personal data save in the device, which is really very risky.

Now, to solve these issues, enhance system security and data privacy, Huawei makes a little bit more effort. The company tried to find the hidden privacy in previous updates and solve them with this security patch.

According to the information, Huawei has fixed 5 hidden privacy issues for EMUI and Magic UI devices. Check the solved CVE details, danger level, impact, and more detailed below.

CVE 1:

CVE-2021-22387: Deserialization vulnerability in some Huawei phones

Danger level: Medium

EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact of this CVE on the device: Successful exploitation of this vulnerability may allow attempts to remotely execute commands.

CVE 2:

CVE-2021-22381: Bluetooth protocol stack vulnerability in some Huawei phones

Danger level: Medium

EMUI/Magic UI affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability may cause an infinite loop in DoS.

CVE 3:

CVE-2021-22379: Integer overflow vulnerability in some Huawei phones

Danger level: Low

EMUI/Magic UI affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact of this CVE on the device: Successful exploitation of this vulnerability may cause DoS of Samgr.

CVE 4:

CVE-2021-22376: Logic bypass vulnerability in some Huawei phones

Danger level: High

EMUI/Magic UI affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.

CVE 5:

CVE-2021-22375: Logic bypass vulnerability in some Huawei phones

Danger level: High

EMUI/Magic UI affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability may affect service confidentiality, availability, and integrity.

Amy is our firmware and software specialist, she keeps her eagle eyes open for new software rollouts, beta programs, and other software related activities as well as new smartphone launch.