Huawei News

Huawei released June 2022 EMUI patch details

EMUI 12 stable update is almost rolled out for global devices. In terms of security patches, Huawei also focuses on the HarmonyOS/EMUI update for its eligible devices in a regular manner. Apart from the EMUI 12 and HarmonyOS, the June 2022 Huawei EMUI security patch is now live and it fixes 14 High levels, and 4 mediums while there are no low levels of CVEs.

Huawei released June 2022 EMUI patch details:

Critical: none

High: CVE-2021-39670, CVE-2022-20004, CVE-2022-20005, CVE-2022-20011, CVE-2022-20112, CVE-2021-39662, CVE-2022-20114, CVE-2022-22057, CVE-2021-4083, CVE-2022-22068, CVE-2022-20009, CVE-2022-0847, CVE-2022-20008, CVE-2022-22064, CVE-2022-22065

Medium: CVE-2021-39700, CVE-2021-35098, CVE-2021-35084, CVE-2021-35085

Low: none

Advertisement

Already included in previous updates: CVE-2021-25477, CVE-2021-0796, CVE-2021-39765, CVE-2021-39772, CVE-2021-39791, CVE-2021-30351, CVE-2021-30308, CVE-2021-30314, CVE-2021-30309, CVE-2021-30317, CVE-2021-30322, CVE-2021-30326, CVE-2021-30328, CVE-2021-30329, CVE-2021-30331, CVE-2021-30332, CVE-2021-30333

CVE-2021-46812: Device manager vulnerability in the multi-device task center

Severity: Medium

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability can affect integrity.

Advertisement

CVE-2021-46811: Improper permission management vulnerability in the HwSEServiceAPP module

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may lead to the acquisition of CPLC information.

CVE-2021-40021: Out-of-bounds memory write in the eID module

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2021-40022: Missing parameter type validation in the weaver module

Severity: Critical

Advertisement

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2021-40014: Information management error vulnerability in the bone voice ID TA

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2021-40006: Security risk of brute force cracking in the fingerprint sensor module

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect confidentiality.

Advertisement

CVE-2022-31751: Multi-thread competition for resources in the kernel emcom module

Severity: Critical

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31757: Interface misuse vulnerability in the Settings module

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2022-31763: Null pointer and out-of-bounds array vulnerabilities in the kernel module

Severity: High

Advertisement

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31760: Dialog box being displayed when the screen is locked in the carrier-customized USSD service

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2022-31758: Race condition vulnerability in the kernel module

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

Advertisement

CVE-2021-46814: Out-of-bounds memory read and write vulnerability in the video framework

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31753: Vulnerability of using externally-controlled format strings in the voice wakeup module

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31754: Logical defects in code implementation in some products

Severity: Medium

Advertisement

Affected versions: EMUI 12.0.0, EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect the availability of some features.

CVE-2021-46813: Vulnerability of residual files not being deleted after an update in the ChinaDRM module

Severity: Critical

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2021-46815: Configuration defects in the secure OS module

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability can affect availability.

Advertisement

CVE-2022-31761: Configuration defects in the secure OS module

Severity: High

Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2022-29793: Configuration defects in the activation lock of the mobile phone

Advertisement

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, Magic UI 3.1.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2022-31755: Improper preservation of permissions vulnerability in the communications module

Severity: Medium

Advertisement

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31759: Uninitialized pointer access vulnerability in the AppLink

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Advertisement

Impact: Successful exploitation of this vulnerability can affect availability.

CVE-2022-31762: Input verification vulnerability in the AMS module

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will cause unauthorized operations.

Advertisement

CVE-2022-31752: Missing authorization vulnerability in the system components

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, EMUI 11.0.1, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

CVE-2022-31756: Design defects in the fingerprint sensor module

Advertisement

Severity: High

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 12.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability will affect confidentiality.

Amit

I write about Huawei Latest News, EMUI Updates & more. I am also a fitness freak. For any information, tip or help send me an email at huaweiupdatenews@gmail.com

Recent Posts

Huawei FreeBuds 6i HarmonyOS 4.2.0.216 update rolling out

Huawei has started rolling out the HarmonyOS 4.2.0.216 software update to its FreeBuds 6i wireless…

2 days ago

Huawei AI Life App getting 14.1.1.332 November 2024 update

Huawei AI Life is a unified platform for managing IoT devices. Easily control your Wi-Fi/mobile…

2 days ago

Huawei Browser November 2024 update brings 15.0.7.301 version

Huawei has started rolling out a new update to its Browser App. As per the…

6 days ago

A new update for Huawei Quick App Center is now available

Huawei updated its Quick App Center with version 14.3.1.301. Huawei Quick App Center allows you to…

6 days ago

Huawei HMS Core October 2024 version 6.14.0.322 rolling out

Huawei has started updating its applications to the latest versions. Now adding one more app…

1 week ago

TSMC Halts Shipments to Chinese Firm Sophgo After Chip Found in Huawei Processor

TSMC has halted shipments to Chinese chip designer Sophgo after a chip it manufactured was…

2 weeks ago