Huawei Magic Ui
By the Year
In 2023 there have been 0 vulnerabilities in Huawei Magic Ui . Last year Magic Ui had 132 security vulnerabilities published. Right now, Magic Ui is on track to have less security vulnerabilities in 2023 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 132 | 7.66 |
2021 | 139 | 7.61 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Magic Ui vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Magic Ui Security Vulnerabilities
The number identification module has a path traversal vulnerability
CVE-2022-39001
7.5 - High
- September 16, 2022
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
Directory traversal
Double free vulnerability in the storage module
CVE-2022-39002
9.8 - Critical
- September 16, 2022
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
Double-free
Buffer overflow vulnerability in the video framework
CVE-2022-39003
9.1 - Critical
- September 16, 2022
Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components.
Classic Buffer Overflow
The MPTCP module has the memory leak vulnerability
CVE-2022-39004
7.5 - High
- September 16, 2022
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Memory Leak
The MPTCP module has the memory leak vulnerability
CVE-2022-39005
7.5 - High
- September 16, 2022
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
Memory Leak
The MPTCP module has the race condition vulnerability
CVE-2022-39006
5.9 - Medium
- September 16, 2022
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
Race Condition
Out-of-bounds write vulnerability in the power consumption module
CVE-2020-36600
7.5 - High
- September 16, 2022
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
Memory Corruption
Out-of-bounds write vulnerability in the kernel modules
CVE-2020-36601
7.5 - High
- September 16, 2022
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.
Memory Corruption
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
CVE-2022-39000
9.8 - Critical
- September 16, 2022
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module
CVE-2021-40019
9.1 - Critical
- September 16, 2022
Out-of-bounds heap read vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds access.
Out-of-bounds Read
The secure OS module has configuration defects
CVE-2022-38978
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The secure OS module has configuration defects
CVE-2022-38979
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The secure OS module has configuration defects
CVE-2022-38987
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects
CVE-2022-38988
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The secure OS module has configuration defects
CVE-2022-38989
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects
CVE-2022-38990
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects
CVE-2022-38991
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The secure OS module has configuration defects
CVE-2022-38992
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The secure OS module has configuration defects
CVE-2022-38993
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
The secure OS module has configuration defects
CVE-2022-38997
7.5 - High
- September 16, 2022
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
The SystemUI module has a privilege escalation vulnerability
CVE-2022-37002
9.8 - Critical
- August 10, 2022
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
The AOD module has a vulnerability in permission assignment
CVE-2022-37003
9.8 - Critical
- August 10, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
Incorrect Default Permissions
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE)
CVE-2022-37004
7.5 - High
- August 10, 2022
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
The Settings application has an argument injection vulnerability
CVE-2022-37005
7.5 - High
- August 10, 2022
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Argument Injection
The chinadrm module has an out-of-bounds read vulnerability
CVE-2022-37007
7.5 - High
- August 10, 2022
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
Out-of-bounds Read
The recovery module has a vulnerability of bypassing the verification of an update package before use
CVE-2022-37008
7.5 - High
- August 10, 2022
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
Insufficient Verification of Data Authenticity
The My HUAWEI app has a defect in the design
CVE-2021-40030
7.5 - High
- August 10, 2022
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
The video framework has the memory overwriting vulnerability caused by addition overflow
CVE-2021-40034
7.5 - High
- August 10, 2022
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module
CVE-2021-40040
7.5 - High
- August 10, 2022
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
Vulnerability of pointers being incorrectly used during data transmission in the video framework
CVE-2021-40012
7.5 - High
- July 12, 2022
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
The basic framework and setting module have defects, which were introduced during the design
CVE-2021-46741
7.5 - High
- July 12, 2022
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
The NFC module has a buffer overflow vulnerability
CVE-2022-34740
6.5 - Medium
- July 12, 2022
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
Classic Buffer Overflow
The NFC module has a buffer overflow vulnerability
CVE-2022-34741
6.5 - Medium
- July 12, 2022
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
Classic Buffer Overflow
The application security module has a vulnerability in permission assignment
CVE-2022-34737
9.1 - Critical
- July 12, 2022
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
Incorrect Default Permissions
The SystemUI module has a vulnerability in permission control
CVE-2022-34738
7.5 - High
- July 12, 2022
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
The fingerprint module has a vulnerability of overflow in arithmetic addition
CVE-2022-34739
7.5 - High
- July 12, 2022
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
The system module has a read/write vulnerability
CVE-2022-34742
7.5 - High
- July 12, 2022
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Out-of-bounds Read
The AT commands of the USB port have an out-of-bounds read vulnerability
CVE-2022-34743
7.5 - High
- July 12, 2022
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
Out-of-bounds Read
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
CVE-2021-40013
6.5 - Medium
- July 12, 2022
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
CVE-2021-40016
6.5 - Medium
- July 12, 2022
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
HwSEServiceAPP has a vulnerability in permission management
CVE-2021-46811
5.3 - Medium
- June 13, 2022
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
Incorrect Default Permissions
Vulnerability of residual files not being deleted after an update in the ChinaDRM module
CVE-2021-46813
7.5 - High
- June 13, 2022
Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.
Improper Removal of Sensitive Information Before Storage or Transfer
The voice wakeup module has a vulnerability of using externally-controlled format strings
CVE-2022-31753
7.5 - High
- June 13, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
Use of Externally-Controlled Format String
The setting module has a vulnerability of improper use of APIs
CVE-2022-31757
7.5 - High
- June 13, 2022
The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services
CVE-2022-31760
9.1 - Critical
- June 13, 2022
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
Missing authorization vulnerability in the system components
CVE-2022-31752
5.5 - Medium
- June 13, 2022
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
AuthZ
Logical defects in code implementation in some products
CVE-2022-31754
7.5 - High
- June 13, 2022
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
Configuration defects in the secure OS module
CVE-2022-31761
7.5 - High
- June 13, 2022
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
The kernel module has the race condition vulnerability
CVE-2022-31758
4.7 - Medium
- June 13, 2022
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
Race Condition
The video framework has an out-of-bounds memory read/write vulnerability
CVE-2021-46814
7.5 - High
- June 13, 2022
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
Out-of-bounds Read
The kernel emcom module has multi-thread contention
CVE-2022-31751
5.5 - Medium
- June 13, 2022
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
The communication module has a vulnerability of improper permission preservation
CVE-2022-31755
5.5 - Medium
- June 13, 2022
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
Improper Preservation of Permissions
The fingerprint sensor module has design defects
CVE-2022-31756
5.5 - Medium
- June 13, 2022
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
AppLink has a vulnerability of accessing uninitialized pointers
CVE-2022-31759
5.5 - Medium
- June 13, 2022
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
Access of Uninitialized Pointer
The AMS module has a vulnerability in input validation
CVE-2022-31762
7.8 - High
- June 13, 2022
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
Improper Input Validation
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
CVE-2022-22252
7.5 - High
- May 13, 2022
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
Dangling pointer
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
CVE-2022-29793
7.5 - High
- May 13, 2022
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
Configuration defects in the secure OS module
CVE-2021-46789
7.5 - High
- May 13, 2022
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
CVE-2021-46786
9.8 - Critical
- May 13, 2022
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
Buffer Overflow
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
CVE-2021-46787
7.5 - High
- May 13, 2022
The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash.
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
CVE-2021-46788
7.5 - High
- May 13, 2022
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-22257
7.5 - High
- April 11, 2022
The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data integrity.
Improper Privilege Management
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40065
7.5 - High
- April 11, 2022
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
CVE-2021-46742
9.1 - Critical
- April 11, 2022
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may
CVE-2022-22258
9.8 - Critical
- April 11, 2022
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
CVE-2022-22253
7.5 - High
- April 11, 2022
The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability.
Improper Validation of Integrity Check Value
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-22256
7.5 - High
- April 11, 2022
The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-22254
7.5 - High
- April 11, 2022
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
CVE-2021-40052
7.5 - High
- March 10, 2022
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
Incorrect Calculation of Buffer Size
There is a heap-based and stack-based buffer overflow vulnerability in the video framework
CVE-2021-40057
7.5 - High
- March 10, 2022
There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
Memory Corruption
There is a heap-based buffer overflow vulnerability in the video framework
CVE-2021-40058
7.5 - High
- March 10, 2022
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
Memory Corruption
There is a permission control vulnerability in the Wi-Fi module
CVE-2021-40059
6.5 - Medium
- March 10, 2022
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
Incorrect Default Permissions
There is a heap-based buffer overflow vulnerability in the video framework
CVE-2021-40060
7.5 - High
- March 10, 2022
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability.
Memory Corruption
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module
CVE-2021-40061
7.5 - High
- March 10, 2022
There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
Object Type Confusion
There is a vulnerability of copying input buffer without checking its size in the video framework
CVE-2021-40062
7.5 - High
- March 10, 2022
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
There is an improper access control vulnerability in the video module
CVE-2021-40063
7.5 - High
- March 10, 2022
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
There is a heap-based buffer overflow vulnerability in system components
CVE-2021-40064
7.5 - High
- March 10, 2022
There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system stability.
Memory Corruption
There is a vulnerability of memory not being released after effective lifetime in the Bastet module
CVE-2021-40047
7.5 - High
- March 10, 2022
There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity.
Memory Leak
There is an incorrect buffer size calculation vulnerability in the video framework
CVE-2021-40048
7.5 - High
- March 10, 2022
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability.
Incorrect Calculation of Buffer Size
There is a permission control vulnerability in the PMS module
CVE-2021-40049
7.5 - High
- March 10, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization.
Incorrect Default Permissions
There is an out-of-bounds read vulnerability in the IFAA module
CVE-2021-40050
9.8 - Critical
- March 10, 2022
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
Out-of-bounds Read
There is an unauthorized access vulnerability in system components
CVE-2021-40051
7.5 - High
- March 10, 2022
There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality.
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
CVE-2021-40053
9.1 - Critical
- March 10, 2022
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
Incorrect Default Permissions
There is an integer underflow vulnerability in the atcmdserver module
CVE-2021-40054
7.5 - High
- March 10, 2022
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity.
Integer underflow
There is a man-in-the-middle attack vulnerability during system update download in recovery mode
CVE-2021-40055
5.9 - Medium
- March 10, 2022
There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity.
There is a vulnerability of copying input buffer without checking its size in the video framework
CVE-2021-40056
7.5 - High
- March 10, 2022
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
There is an improper verification vulnerability in smartphones
CVE-2021-22448
9.1 - Critical
- February 25, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.
There is an improper permission management vulnerability in the Wallet apps
CVE-2021-37103
5.5 - Medium
- February 25, 2022
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
Incorrect Default Permissions
There is a DoS vulnerability in smartphones
CVE-2021-37027
7.5 - High
- February 25, 2022
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.
There is a DoS vulnerability in smartphones
CVE-2021-22489
7.5 - High
- February 25, 2022
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability.
There is a software integer overflow leading to a TOCTOU condition in smartphones
CVE-2021-22437
7 - High
- February 25, 2022
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.
Integer Overflow or Wraparound
There is a memory address out of bounds vulnerability in smartphones
CVE-2021-22434
9.8 - Critical
- February 25, 2022
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
Buffer Overflow
There is a memory address out of bounds in smartphones
CVE-2021-22433
9.8 - Critical
- February 25, 2022
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
Buffer Overflow
There is a vulnerability when configuring permission isolation in smartphones
CVE-2021-22432
9.8 - Critical
- February 25, 2022
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
Buffer Overflow
There is a logic bypass vulnerability in smartphones
CVE-2021-22430
9.8 - Critical
- February 25, 2022
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
There is an improper verification vulnerability in smartphones
CVE-2021-22319
7.5 - High
- February 25, 2022
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause integer overflows.
Integer Overflow or Wraparound
There is a buffer overflow vulnerability in smartphones
CVE-2021-22394
9.1 - Critical
- February 25, 2022
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
Classic Buffer Overflow
There is a vulnerability when configuring permission isolation in smartphones
CVE-2021-22431
9.8 - Critical
- February 25, 2022
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
Buffer Overflow
There is a memory address out of bounds in smartphones
CVE-2021-22429
9.8 - Critical
- February 25, 2022
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
Buffer Overflow
There is a code injection vulnerability in smartphones
CVE-2021-22395
7.5 - High
- February 25, 2022
There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huawei Magic Ui or by Huawei? Click the Watch button to subscribe.
