We have stepped in the 10th month of this year and so is Huawei. The company has published the Huawei EMUI October 2022 security patch details for its eligible devices. Slowly and steadily, this new improvement package will start knocking on your device notification bar to provide you with an impressive experience.

The Chinese manufacturer was running on a very busy schedule in recent days. From unveiling the highly-anticipated Mate 50 series on the consumer platform to rolling out different HarmonyOS 3.0 beta versions with new optimizes for smart gadgets, Huawei was stuck in the depths of the tasks.

Consequently, this was one of the reasons we observed a little delay in the update distribution procedure. But, with the release of the latest EMUI October 2022 security patch, the company has proved that the wait for new updates ends here.

Another interesting piece of news is that EMUI 13 is on its way and will keep its legs on user ground soon. With some amazing and eye-catching features, Huawei is preparing the most iconic and minimalistic interface for its global fans.

Coming back to the October improvements, this patch holds numerous fixes and security amendments for the devices. It shields the internal framework of a gadget making it tougher for privacy-related threats and issues.

Editor’s Choice: Huawei October 2022 EMUI security details released as EMUI 13 launch nears

While the company initiates rolling out the new patch to its models, you can jump into the compatible device list and check whether your device will get this beneficial offering or not.

October 2022 EMUI Devices

Monthly Devices

• Huawei Mate 40 Pro
• Huawei Mate 30
• Huawei Mate 30 Pro
• Huawei Mate 30 Pro 5G
• Huawei Mate Xs
• Huawei P40
• Huawei P40 Pro
• Huawei P40 Pro+
• Huawei P50
• Huawei P50 Pro

Quarterly Devices

• Huawei Mate 20 X (5G)
• Huawei P40 Lite
• Huawei P40 Lite 5G
• Huawei P40 Lite E
• Huawei P30
• Huawei P30 Pro
• Huawei P30 Lite
• Huawei P Smart 2021
• Huawei P Smart 2020
• Huawei P Smart S
• Huawei P Smart Pro
• Huawei Nova 9
• Huawei Nova Y60
• Huawei Nova 8i
• Huawei Nova 8
• Huawei Nova 7 5G
• Huawei Nova 7 SE 5G
• Huawei Nova 7i
• Huawei Y5p
• Huawei Y6p
• Huawei Y6 Pro 2019
• Huawei Y7a
• Huawei Y7p
• Huawei Y8p
• Huawei Y8s
• Huawei Y9 Prime 2019
• Huawei Y9a
• Huawei Y9s
• Honor 30
• Honor 30 Pro+
• Honor 30i
• Honor 30S
• Honor View 30 Pro
• Honor 20e
• Honor 20i
• Honor 20S
• Honor 20 Lite
• Honor 9A
• Honor 9C
• Honor 9S
• Honor 9X Lite
• Honor 10X
• Honor 10X Lite

Tablets

• Huawei MatePad Pro
• Huawei MatePad
• Huawei MatePad T
• Huawei MatePad T 10S
• Huawei MatePad T 10
• Honor Pad V6

Huawei has brought the October 2022 EMUI security patch details with a big bag of fixes and improvements for the threatening issues. Consequently, users will notice overall enhancement and stability in their devices after installing the new patch.

We are well aware of the fact that Huawei sends regular updates to its devices to maintain their reliability. But, often these updates welcome some hidden issues and defects in the system. As a result, these issues create a gateway for the malware to enter the applications and exploit the entire functioning of the gadget.

Therefore, this makes the user very conscious about installing every new firmware on their device. Hence, apart from the vulnerability description, the company has also shared a huge narration regarding what fixes the new patch will bring to the smart handsets.

As usual, the company has explored various segments of the device and has prepared a fresh improvement package. And the interesting part of this new package is, these fixes apply to the major EMUI 11 and 12 versions.

On the other hand, these spots cover several essential parts of the internal system. For instance, framework, kernel, KEYMASTER, configuration, and more. Thus, by treating and mending every element, this patch increases the security of your device to the next level.

So, if your handy gadget is running on any of the mentioned versions, then you must check which new issues get a full stop with the latest October 2022 EMUI security patch.

October 2022 EMUI security fixes for EMUI 11 and EMUI 12

CVE 1: CVE-2021-40017

• CVE version detail: Vulnerability of not verifying the validity of the key’s format in the HW_KEYMASTER module
• Risk Level: Critical
• Affected Versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may cause out-of-bounds access

CVE 2: CVE-2021-46839, CVE-2021-46840

• CVE version detail: Lack of length check, and parameter set verification vulnerability in the HW_KEYMASTER module
• Risk Level: Medium
• Affected Versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Attackers can construct malicious data as well as cause out-of-bounds access

CVE 3: CVE-2022-38983

• CVE version detail: UAF vulnerability in the BT Hfp Client module
• Risk Level: High
• Affected Versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may cause arbitrary code execution

CVE 4: CVE-2022-41576

• CVE version detail: boot.sh script that can be modified by malicious programs in the phone module
• Risk Level: Medium
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability can cause irreversible program implantation on the user’s device.

CVE 5: CVE-2022-41578

• CVE version detail: Out-of-bounds write vulnerability in the mptcp module
• Risk Level: High
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may cause attack programs to modify program information to implement root privilege escalation attacks.

CVE 6: CVE-2022-41580, CVE-2022-41581

• CVE version details: Vulnerability of not verifying the read content in the HW_KEYMASTER module
• Risk Level: Medium
• Affected Versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Attackers can construct malicious data as well as cause out-of-bounds access

CVE 7: CVE-2022-41582

• CVE version details: Configuration defects in the security module
• Risk Level: High
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may affect availability

CVE 8: CVE-2022-41584, CVE-2022-41585

• CVE version details: Out-of-bounds read vulnerability in the kernel module
• Risk Level: Medium
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may cause memory overwriting

CVE 9: CVE-2022-41586

• CVE version details: Untruncated data vulnerability in the communication framework module
• Risk Level: Medium
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability will affect confidentiality

CVE 10: CVE-2022-41588

• CVE version details: Service logic exception vulnerability in the home screen module
• Risk Level: Medium
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of this CVE on devices: Successful exploitation of this vulnerability may affect the integrity

CVE 11: (CVE-2022-41592, CVE-2022-41593, CVE-2022-41594, CVE-2022-41595, CVE-2022-41597, CVE-2022-41598, CVE-2022-41600, CVE-2022-41601, CVE-2022-41602, CVE-2022-41603)

• CVE version details: Heap overflow/Out-of-bounds read/Null pointer or other issues in the phone due to fingerprint TA
• Risk Level: Medium
• Affected versions: EMUI 12.0.0, EMUI 11.0.1
• Impact of these CVEs on devices: Attackers with root permission can exploit this vulnerability by controlling the file content. As a result, the fingerprint service may be abnormal.

Huawei Nova 9 and Nova 9 SE are now grabbing the September 2022 EMUI security patch update in European markets. The latest software update for the Nova series devices brings system stability improvement alongside Android patches.

The September 2022 security update for the Huawei Nova 9 SE is rolling out with the EMUI 12 firmware version 12.0.1.175 (C432E2R3P1) with a package size of 342 MB. Whereas Huawei Nova 9 gets version 12.0.1.257 (C432E2R1P2) with an installation size of 353 MB.

Talking about the new rollout, it integrates the September 2022 EMUI security patches into Huawei Nova 9 devices. The update has very less to explore yet users must note that the patch brings multiple fixes for the device. It mends 10 high-level CVEs and 7 medium-level CVEs of the smartphone system.

Apart from the vulnerabilities, the security patch also brings some small enhancements. Thus, to enjoy the stable and lag-free system, we recommend you install the update as soon as it reaches your device.

Huawei is sending the update through the OTA medium, so your corresponding device will show the OTA notification when it lands. So, the corresponding device owners can tap on the notification to download the update or can manually check and install it by following the steps given below.

To Update:

Open the phone’s Settings, then tap on the System & updates followed by Software updates. From here, tap on CHECK FOR UPDATES. And, if the update has reached your device then press on the Download and Install tab.

Before upgrading your respective phone make sure to take a backup of all the important data beforehand. Also, download the update through a stable Wi-Fi connection.

Make sure your device has sufficient storage space to keep the firmware. And if you encounter any problems during the whole process then call Huawei customer care service or Huawei service for assistance. Also, confirm that your device has enough battery.

(Source1, Source2)