January

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more
For a better user experience, please use the latest version of Internet Explorer or switch to another browser.
Consumer

Smartphones, Laptops & Tablets, Wearables and More

Corporate

About Huawei, Press&Event, and More

Enterprise

Products, Solutions and Services for Enterprise

Carrier

Products, Solutions and Services for Carrier

Popular Products
HUAWEI MatePad Pro 13.2-inch
HUAWEI WATCH GT 4
HUAWEI Mate X3
Quick View
Smartphone
PC
Tablet
Wearable
Audio
Router
HUAWEI Mobile Services
enter more search keys

Huawei EMUI/Magic UI security updates January 2021

Huawei is releasing monthly security updates for flagship models. This security update includes Android and Huawei patches:

This security update includes the CVE announced in the January 2021 Android security bulletin.

Critical:CVE-2020-11225,CVE-2021-0313,CVE-2021-0316,CVE-2019-17666

High:CVE-2020-11217,CVE-2020-11167,CVE-2020-0466,CVE-2020-11146,CVE-2020-0465,CVE-2020-0444,CVE-2019-9376,CVE-2021-0309,CVE-2021-0315,CVE-2021-0319,CVE-2021-0311,CVE-2021-0312,CVE-2021-0306,CVE-2021-0317,CVE-2021-0322,CVE-2021-0304,CVE-2016-6328,CVE-2021-0318,CVE-2021-0320,CVE-2021-0308,CVE-2020-0471,CVE-2018-20856,CVE-2019-15214

Medium:CVE-2020-15999

Low: none

Already included in previous updates:CVE-2019-10628,CVE-2019-13994,CVE-2019-13995,CVE-2019-14074,CVE-2020-11133,CVE-2020-11135,CVE-2020-3620,CVE-2020-3621,CVE-2020-3622,CVE-2020-3634,CVE-2019-10527,CVE-2018-11970, CVE-2020-3657,CVE-2020-3670,CVE-2020-3673,CVE-2020-3654,CVE-2020-3703,CVE-2020-11157

※For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the following Huawei patches:

CVE-2020-9158: DoS Vulnerability of Huawei Share Application in Some Huawei Smartphones

Severity: Low

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.1, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0, Magic UI 2.1.1, EMUI 8.2, EMUI 8.0

Impact: Successful exploitation of this vulnerability will cause Huawei Share application exceptions.

CVE-2020-9149:App trustlist verification vulnerability in telephony apps

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Apps with specific package names can bypass the verification to delete or insert SMS messages.

CVE-2020-9148:SMS security bypass vulnerability in telephony apps

Severity: High

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, EMUI 9.1.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Attackers can exploit this vulnerability to bypass the mechanism that prevents unspecified apps from writing SMS messages and delete SMS messages in PrivateSpace.

CVE-2020-9147:Buffer overflow vulnerability

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability may result in a buffer overflow.

CVE-2020-9146:Memory leak vulnerability

Severity: Medium

Affected versions: EMUI 11.0.0, EMUI 10.1.1, EMUI 10.1.0, EMUI 10.0.0, Magic UI 4.0.0, Magic UI 3.1.1, Magic UI 3.1.0, Magic UI 3.0.0

Impact: Successful exploitation of this vulnerability could cause a denial of service attack by a near-end device.

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue