Huawei Magic Ui
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Huawei Magic Ui.
By the Year
In 2026 there have been 0 vulnerabilities in Huawei Magic Ui. Magic Ui did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 132 | 7.64 |
| 2021 | 139 | 7.64 |
It may take a day or so for new Magic Ui vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Magic Ui Security Vulnerabilities
CVE-2022-39001: Path Traversal in Number Identification Module
CVE-2022-39001
7.5 - High
- September 16, 2022
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
Directory traversal
Double free in storage module (CVE-2022-39002)
CVE-2022-39002
9.8 - Critical
- September 16, 2022
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
Double-free
Windows Video Framework Buffer Overflow (CVE-2022-39003)
CVE-2022-39003
9.1 - Critical
- September 16, 2022
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
Classic Buffer Overflow
Linux MPTCP Module Memory Leak (CVE-2022-39004)
CVE-2022-39004
7.5 - High
- September 16, 2022
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Memory Leak
Mem Leak in Linux Kernel MPTCP Mod
CVE-2022-39005
7.5 - High
- September 16, 2022
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Memory Leak
Race Condition in Linux Kernel MPTCP Module Causing Device Restart
CVE-2022-39006
5.9 - Medium
- September 16, 2022
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
Race Condition
OOB write in power consumption module (CVE-2020-36600)
CVE-2020-36600
- September 16, 2022
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
Linux Kernel OOB Write in Module Panic Reboot
CVE-2020-36601
- September 16, 2022
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
iAware Module Priv Escalation: Malicious Apps Auto-Start on Boot
CVE-2022-39000
9.8 - Critical
- September 16, 2022
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
Android Keymaster OOB Heap Read Vulnerability
CVE-2021-40019
9.1 - Critical
- September 16, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
Out-of-bounds Read
Secure OS Module Config Defect Could Leak Confidential Data
CVE-2022-38978
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38979: Secure OS Module Config Defect Causing Data Confidentiality Risk
CVE-2022-38979
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38987: Secure OS Module config defect causes DoS
CVE-2022-38987
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
Config Defect in Secure OS Module (Data Confidentiality Risk)
CVE-2022-38988
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
Config Defect in Secure OS Module Compromise Availability (CVE-2022-38989)
CVE-2022-38989
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
Secure OS Module Config Defect (Availability Impact)
CVE-2022-38990
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-38991: Secure OS Mod Conf. Defect Leading to Data Compromise
CVE-2022-38991
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
Secure OS Module Config Defect: Data Confidentiality Risk
CVE-2022-38992
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
Secure OS Mod configuration defect enables potential DoS
CVE-2022-38993
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
Secure OS Mod Config Defect Data Confidentiality Risk (CVE202238997)
CVE-2022-38997
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
Android SystemUI Privilege Escalation Enabling Malicious Popups
CVE-2022-37002
7.4 - High
- August 10, 2022
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
Improper Privilege Management
Android AOD Permission Escalation via Assignment Flaw
CVE-2022-37003
9.8 - Critical
- August 10, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
Incorrect Default Permissions
Windows Settings-App OOBE Bypass: Availability Impact
CVE-2022-37004
7.5 - High
- August 10, 2022
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
Android Settings App Arg Injection Vulnerability
CVE-2022-37005
7.5 - High
- August 10, 2022
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Argument Injection
Out-of-Bounds Read in chinadrm Module Causing DoS
CVE-2022-37007
7.5 - High
- August 10, 2022
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
Android Recovery: Bypass Update Package Verification in Recovery Module
CVE-2022-37008
7.5 - High
- August 10, 2022
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
Insufficient Verification of Data Authenticity
Design Flaw in Huawei My HUAWEI App Enables Data Confidentiality Breach
CVE-2021-40030
7.5 - High
- August 10, 2022
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
Linux Kernel V4L2 Framebuffer Add-Overflow Memory Overwrite (CVE-2021-40034)
CVE-2021-40034
7.5 - High
- August 10, 2022
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
HW_KEYMASTER Module Arbitrary Write CVE-2021-40040
CVE-2021-40040
7.5 - High
- August 10, 2022
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
Vulnerability of pointers being incorrectly used during data transmission in the video framework
CVE-2021-40012
7.5 - High
- July 12, 2022
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
The basic framework and setting module have defects, which were introduced during the design
CVE-2021-46741
7.5 - High
- July 12, 2022
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
The NFC module has a buffer overflow vulnerability
CVE-2022-34740
6.5 - Medium
- July 12, 2022
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
Classic Buffer Overflow
The NFC module has a buffer overflow vulnerability
CVE-2022-34741
6.5 - Medium
- July 12, 2022
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
Classic Buffer Overflow
The application security module has a vulnerability in permission assignment
CVE-2022-34737
9.1 - Critical
- July 12, 2022
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
Incorrect Default Permissions
The SystemUI module has a vulnerability in permission control
CVE-2022-34738
7.5 - High
- July 12, 2022
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
The fingerprint module has a vulnerability of overflow in arithmetic addition
CVE-2022-34739
7.5 - High
- July 12, 2022
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
The system module has a read/write vulnerability
CVE-2022-34742
7.5 - High
- July 12, 2022
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Out-of-bounds Read
The AT commands of the USB port have an out-of-bounds read vulnerability
CVE-2022-34743
7.5 - High
- July 12, 2022
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
Out-of-bounds Read
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
CVE-2021-40013
6.5 - Medium
- July 12, 2022
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
CVE-2021-40016
6.5 - Medium
- July 12, 2022
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
Configuration defects in the secure OS module
CVE-2022-31761
7.5 - High
- June 13, 2022
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
Logical defects in code implementation in some products
CVE-2022-31754
7.5 - High
- June 13, 2022
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
Missing authorization vulnerability in the system components
CVE-2022-31752
5.5 - Medium
- June 13, 2022
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
AuthZ
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services
CVE-2022-31760
9.1 - Critical
- June 13, 2022
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
The setting module has a vulnerability of improper use of APIs
CVE-2022-31757
7.5 - High
- June 13, 2022
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
The voice wakeup module has a vulnerability of using externally-controlled format strings
CVE-2022-31753
7.5 - High
- June 13, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
Use of Externally-Controlled Format String
HwSEServiceAPP has a vulnerability in permission management
CVE-2021-46811
5.3 - Medium
- June 13, 2022
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
Incorrect Default Permissions
Vulnerability of residual files not being deleted after an update in the ChinaDRM module
CVE-2021-46813
7.5 - High
- June 13, 2022
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
Improper Removal of Sensitive Information Before Storage or Transfer
The fingerprint sensor module has design defects
CVE-2022-31756
5.5 - Medium
- June 13, 2022
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
The communication module has a vulnerability of improper permission preservation
CVE-2022-31755
5.5 - Medium
- June 13, 2022
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
Improper Preservation of Permissions
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huawei Magic Ui or by Huawei? Click the Watch button to subscribe.
