October 2023 EMUI security patch fixes two critical levels of CVEs and eight high levels of security threats on Huawei smartphones. The patch also addresses eight CVEs mentioned in the past software update.
Currently, Huawei is expanding the reach of the September 2023 software update for smartphone users. However, we can expect the company to release these new security improvements via the OTA update method.
Looking at the details, the new patch fixes the vulnerability of package names’ public keys not being verified in the security module. This issue affects the confidentiality of the phone user data.
Another high-level vulnerability in the distributed file module could cause the device to restart fixed with new patches. Third comes the use-after-free (UAF) vulnerability in the surfaceflinger module, which could cause the system to crash in run-time.
These new software threats have been found and fixed in EMUI versions EMUI 13.0.0, EMUI 12.0.1, and EMUI 12.0.0. Below you can check the scientific details of the new vulnerabilities.
- CVE-2023-35658, CVE-2023-35673
- CVE-2023-35679, CVE-2023-35687, CVE-2023-35669, CVE-2023-35667, CVE-2023-35677, CVE-2023-35666, CVE-2023-35684, CVE-2023-28584
Already included in previous updates:
- CVE-2023-21284, CVE-2020-29374, CVE-2023-21251, CVE-2023-20942, CVE-2023-21189
Aside from security patches, Huawei smartphone users are now looking for a new major software update. Although, Huawei has not announced a specific version release but the next EMUI build in line is EMUI 14. However, the phone maker is still expanding EMUI 13 for past devices. In that regard, the company has yet to clarify the situation.
Huawei users can check for the latest software update via the Settings and Software Updates option.