Connect with us

EMUI

Huawei Mate 20 devices (EMUI 11) starts getting May 2021 security update [Global]

Published

on


Huawei is delivering a new software update for one of the popular smartphone lineups around the world, the Huawei Mate 20. This previous-gen flagship lineup has a separate fan base and satisfying its users with its camera and hardware performance.

Due to its popularity and core configuration, Huawei is still treating the Mate 20 models pretty well, in terms of software update rollout. To recall, this series comes with EMUI 9.0 out of the box and currently working on the latest EMUI 11 version.

However, its Chinese counterpart has got the earliest slot in HarmonyOS 2.0 beta testing. Meanwhile, the selected beta tester has begun enjoying the new HarmonyOS 2.0 user interface and features and moving towards the stable release.

Models getting May 2021 update:

  • Huawei Mate 20
  • Huawei Mate 20 Pro

After exploring the new changelog, we have found that this update installs the security patch released in May 2021 for improved system security. Additionally, it comes with a number of new apps but these new improvements aren’t mentioned in the changelog.

If you want to send us Tips, Update Screenshots, or a Message? connect with us here:

Advertisement
  • Screenshots@huaweicentral.com
  • Tips@huaweicentral.com
  • Message us on Twitter

Software update details:

Huawei Mate 20 series global variants started receiving the latest EMUI 11 version 11.0.0.158 (C432E4R1P4) and it comes with a massive update package size of 1.02GB.

Changelog:

Security: Integrates the Android security patch released in May 2021.

May 2021 security patch details: This security update fixes different levels of exploits and issues including  3 critical, 10 high, and 4 medium levels of CVE for improved system security.

New apps that are not mentioned in the changelog: 

  • This update also added the quick download shortcuts for the following apps: Petal Search, Reader, Petal Maps, Member Center, Game Center, and Link Now.

Thanks to the tipster – Marko

Note:

  • The update is rolling out in batches so it may take some time/days to reach your device.
  • EMUI version and size may vary.
  • Maintain enough battery and storage on your device.

How to check for software update:

VIA SETTINGS:

Advertisement
  1. Go to Settings
  2. Tap on System & updates
  3. Tap Software update
  4. Tap Check for Updates
  5. Download and Install
  6. Install and restart your device

ALTERNATIVELY, VIA SUPPORT:

  1. Open the Support app
  2. Go to the Services tab
  3. Tap on Update
  4. Download and Install
  5. Install and restart your phone

Huawei global variants HarmonyOS 2.0 status:

At the moment, HarmonyOS 2.0 beta activity remains exclusive to Chinese models and likely to delay further for the global variant for a short interval of time.

Also, check:

Huawei P30, Mate 20 Series and more enters HarmonyOS 2 public beta, check the devices

EMUI

These issues on EMUI 11 and 12 fixed with October 2022 EMUI security patches

Published

on

October 2022 EMUI security issues

Huawei has brought the October 2022 EMUI security patch details with a big bag of fixes and improvements for the threatening issues. Consequently, users will notice overall enhancement and stability in their devices after installing the new patch.

We are well aware of the fact that Huawei sends regular updates to its devices to maintain their reliability. But, often these updates welcome some hidden issues and defects in the system. As a result, these issues create a gateway for the malware to enter the applications and exploit the entire functioning of the gadget.

Therefore, this makes the user very conscious about installing every new firmware on their device. Hence, apart from the vulnerability description, the company has also shared a huge narration regarding what fixes the new patch will bring to the smart handsets.

As usual, the company has explored various segments of the device and has prepared a fresh improvement package. And the interesting part of this new package is, these fixes apply to the major EMUI 11 and 12 versions.

Advertisement

On the other hand, these spots cover several essential parts of the internal system. For instance, framework, kernel, KEYMASTER, configuration, and more. Thus, by treating and mending every element, this patch increases the security of your device to the next level.

So, if your handy gadget is running on any of the mentioned versions, then you must check which new issues get a full stop with the latest October 2022 EMUI security patch.

October 2022 EMUI security issues

October 2022 EMUI security fixes for EMUI 11 and EMUI 12

CVE 1: CVE-2021-40017
  • CVE version detail: Vulnerability of not verifying the validity of the key’s format in the HW_KEYMASTER module
  • Risk Level: Critical
  • Affected Versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may cause out-of-bounds access
CVE 2: CVE-2021-46839, CVE-2021-46840
  • CVE version detail: Lack of length check, and parameter set verification vulnerability in the HW_KEYMASTER module
  • Risk Level: Medium
  • Affected Versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Attackers can construct malicious data as well as cause out-of-bounds access
CVE 3: CVE-2022-38983
  • CVE version detail: UAF vulnerability in the BT Hfp Client module
  • Risk Level: High
  • Affected Versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may cause arbitrary code execution
CVE 4: CVE-2022-41576
  • CVE version detail: boot.sh script that can be modified by malicious programs in the phone module
  • Risk Level: Medium
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability can cause irreversible program implantation on the user’s device.
CVE 5: CVE-2022-41578
  • CVE version detail: Out-of-bounds write vulnerability in the mptcp module
  • Risk Level: High
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may cause attack programs to modify program information to implement root privilege escalation attacks.
CVE 6: CVE-2022-41580, CVE-2022-41581
  • CVE version details: Vulnerability of not verifying the read content in the HW_KEYMASTER module
  • Risk Level: Medium
  • Affected Versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Attackers can construct malicious data as well as cause out-of-bounds access
CVE 7: CVE-2022-41582
  • CVE version details: Configuration defects in the security module
  • Risk Level: High
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may affect availability
CVE 8: CVE-2022-41584, CVE-2022-41585
  • CVE version details: Out-of-bounds read vulnerability in the kernel module
  • Risk Level: Medium
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may cause memory overwriting
CVE 9: CVE-2022-41586
  • CVE version details: Untruncated data vulnerability in the communication framework module
  • Risk Level: Medium
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability will affect confidentiality
CVE 10: CVE-2022-41588
  • CVE version details: Service logic exception vulnerability in the home screen module
  • Risk Level: Medium
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of this CVE on devices: Successful exploitation of this vulnerability may affect the integrity

CVE 11: (CVE-2022-41592, CVE-2022-41593, CVE-2022-41594, CVE-2022-41595, CVE-2022-41597, CVE-2022-41598, CVE-2022-41600, CVE-2022-41601, CVE-2022-41602, CVE-2022-41603)

  • CVE version details: Heap overflow/Out-of-bounds read/Null pointer or other issues in the phone due to fingerprint TA
  • Risk Level: Medium
  • Affected versions: EMUI 12.0.0, EMUI 11.0.1
  • Impact of these CVEs on devices: Attackers with root permission can exploit this vulnerability by controlling the file content. As a result, the fingerprint service may be abnormal.
Continue Reading

EMUI

Huawei Nova 9/9 SE receives September 2022 EMUI update

Published

on

Huawei Nova 9 and Nova 9 SE are now grabbing the September 2022 EMUI security patch update in European markets. The latest software update for the Nova series devices brings system stability improvement alongside Android patches.

The September 2022 security update for the Huawei Nova 9 SE is rolling out with the EMUI 12 firmware version 12.0.1.175 (C432E2R3P1) with a package size of 342 MB. Whereas Huawei Nova 9 gets version 12.0.1.257 (C432E2R1P2) with an installation size of 353 MB.

Talking about the new rollout, it integrates the September 2022 EMUI security patches into Huawei Nova 9 devices. The update has very less to explore yet users must note that the patch brings multiple fixes for the device. It mends 10 high-level CVEs and 7 medium-level CVEs of the smartphone system.

Apart from the vulnerabilities, the security patch also brings some small enhancements. Thus, to enjoy the stable and lag-free system, we recommend you install the update as soon as it reaches your device.

Advertisement

Huawei is sending the update through the OTA medium, so your corresponding device will show the OTA notification when it lands. So, the corresponding device owners can tap on the notification to download the update or can manually check and install it by following the steps given below.

To Update:

Open the phone’s Settings, then tap on the System & updates followed by Software updates. From here, tap on CHECK FOR UPDATES. And, if the update has reached your device then press on the Download and Install tab.

Before upgrading your respective phone make sure to take a backup of all the important data beforehand. Also, download the update through a stable Wi-Fi connection.

Make sure your device has sufficient storage space to keep the firmware. And if you encounter any problems during the whole process then call Huawei customer care service or Huawei service for assistance. Also, confirm that your device has enough battery.

Advertisement

Huawei Nova 9 September 2022 update

(Source1, Source2)

Continue Reading

EMUI

Huawei October 2022 EMUI security details released as EMUI 13 launch nears

Published

on

October 2022 emui details

Huawei has released the October 2022 EMUI security patch details as the company moves to launch the EMUI 13 software for global smartphones. On the other hand, the Chinese tech maker is taking EMUI 12 towards the last section of eligible devices.

Adding to this, the company is also reaching to models with September 2022 security patch for Nova 5T, Mate 40 Pro, Mate 30 Pro, P40 series, and more. Although, we’ve entered October but we need to wait until the latest patches begin to rollout.

The security patch includes fixes from Huawei and Android that fixes various sections of Huawei devices. This firmware rolls out monthly and quarterly time spans. Aside from the security patches, Huawei phones are also entitled to receive extra features and optimizations to improve their performance to provide a new user experience.

According to Huawei EMUI October 2022 security bulletin, these new patches brings fixes for 12 high levels of CVEs, 7 medium, and 18 CVEs that were fixed in the previous software rollout. However, there are no new updates found in the critical or low-level area.

Advertisement

Currently, Huawei has not released this software update but we can soon expect it to begin via OTA.

Below you can check the complete CVEs for the respective sections:

Critical:

  • none

High:

  • CVE-2022-20395, CVE-2022-22822, CVE-2022-23852, CVE-2022-23990, CVE-2022-25314, CVE-2022-25704, CVE-2022-22095, CVE-2021-0697, CVE-2021-0871, CVE-2021-0942, CVE-2021-0943, CVE-2022-25670

Medium:

  • CVE-2022-28388, CVE-2022-20254, CVE-2022-20268, CVE-2022-20274, CVE-2022-20308, CVE-2022-20325, CVE-2022-20331

Low:

  • none

Already included in previous updates:

  • CVE-2022-20361, CVE-2022-20082, CVE-2022-20081, CVE-2021-39765, CVE-2022-25657, CVE-2022-22082, CVE-2022-22083, CVE-2022-22084, CVE-2022-22085, CVE-2022-22086, CVE-2022-22087, CVE-2021-0698, CVE-2021-0887, CVE-2021-0891, CVE-2021-0946, CVE-2021-0947, CVE-2021-39815, CVE-2022-20122

EMUI 13:

EMUI 13 will come with new features that are inspired by HarmonyOS 3 and 2 versions. However, there are a bunch of other improvements including the gestures, widgets, and more large folders sizes. Huawei is yet to confirm the launch date for EMUI 13 but we’ll keep you posted on further developments.

October 2022 emui details

Advertisement
Continue Reading