May 21, 2022

These 5 Privacy Issues on the EMUI Software System Fixed with June 2021 Security Improvements

June is definitely a hectic month for Huawei as the HarmonyOS 2 beta is closed and public beta testing is underway in China. Moreover, the company is also preparing to launch the next P-series flagship, Huawei P50, in the coming months.

But the good thing is that the company never forgets to accomplish its routine goals such as releasing security patch details, rolling out software update, and improving the performance of its devices.

In this line, Huawei recently released June 2021 security patch details which fixes different levels of exploits and issues including 2 critical and 13 high CVE levels for improved system security.

Fixing only bugs and vulnerabilities is enough for device system security?

Installing security patches or software updates fixes some unknown hidden privacy issues that entered into the device, these might be very harmful for the users.

Problems can help hackers or make it easier for them to gain access to your device. These hackers can leak and steal your private and personal data saved in the device which is really very risky.

Now, to solve these problems, improve system security and data privacy, Huawei is making a little more effort. The company tried to find hidden privacy in previous updates and fix them with this security patch.

According to the information, Huawei has fixed 5 hidden privacy issues for EMUI and Magic UI devices. Check the resolved CVE details, danger level, impact and more below.

CVE 1:

CVE-2021-22387: Deserialization vulnerability in some Huawei phones

Danger level: Average

Versions affected by EMUI/Magic UI: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact of this CVE on the device: Successful exploitation of this vulnerability could allow attempted remote command execution.

CVE 2:

CVE-2021-22381: Bluetooth protocol stack vulnerability in some Huawei phones

Danger level: Average

Versions affected by EMUI/Magic UI: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability can cause an infinite loop in the DoS.

CVE 3:

CVE-2021-22379: Integer Overflow Vulnerability in Some Huawei Phones

Danger level: moo

Versions affected by EMUI/Magic UI: EMUI 11.0.0, Magic UI 4.0.0

Impact of this CVE on the device: Successful exploitation of this vulnerability may result in a DoS of Samgr.

CVE 4:

CVE-2021-22376: Logic Bypass Vulnerability in Some Huawei Phones

Danger level: High

Versions affected by EMUI/Magic UI: EMUI 10.1.1, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability may affect the confidentiality, availability, and integrity of the service.

CVE 5:

CVE-2021-22375: Logic Bypass Vulnerability in Some Huawei Phones

Danger level: High

Versions affected by EMUI/Magic UI: EMUI 10.1.1, Magic UI 3.1.1

Impact of this CVE on the device: Successful exploitation of this vulnerability may affect the confidentiality, availability, and integrity of the service.