December

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more
For a better user experience, please use the latest version of Internet Explorer or switch to another browser.
Consumer

Smartphones, Laptops & Tablets, Wearables and More

Corporate

About Huawei, Press&Event, and More

Enterprise

Products, Solutions and Services for Enterprise

Carrier

Products, Solutions and Services for Carrier

Popular Products
HUAWEI MatePad Pro 13.2-inch
HUAWEI WATCH GT 4
HUAWEI Mate X3
Quick View
Smartphone
PC
Tablet
Wearable
Audio
Router
HUAWEI Mobile Services
enter more search keys

HUAWEI EMUI/Magic UI security updates December 2022

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following third-party library patches:

This security update includes the CVE announced in the November 2022 Android security bulletin:

Critical: none

High: CVE-2022-20414, CVE-2022-20441, CVE-2022-20445, CVE-2022-20446, CVE-2022-20448, CVE-2022-20450, CVE-2022-20451, CVE-2022-20453, CVE-2022-20454, CVE-2022-20462, CVE-2022-20463, CVE-2022-20465, CVE-2022-2209, CVE-2022-25724, CVE-2022-25743, CVE-2021-1050, CVE-2022-25741

Medium: CVE-2022-20280, CVE-2022-20338

Low: none

Already included in previous updates: CVE-2022-25748, CVE-2022-20394, CVE-2021-39673, CVE-2022-20410, CVE-2022-20351, CVE-2022-26472, CVE-2022-22078

※ For more information on security patches, please refer to the Android security bulletins (https://source.android.com/security/bulletin).

This security update includes the following HUAWEI patches:

CVE-2022-41591: Path traversal vulnerability in the backup module

Severity: High

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will cause unauthorized access to other system files.

CVE-2022-41596: Vulnerability of serialization/deserialization mismatch in system tools

Severity: High

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will cause unauthorized startup of components.

CVE-2022-41599: Return value vulnerability in system services

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2022-46312: Unstrict permission verification vulnerability in the app management module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will cause abnormal clearance of apps on the device.

CVE-2022-46317: Out-of-bounds read vulnerability in the power consumption module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2022-46318: Vulnerability of functional logic errors in the HAware module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability will affect the account removal function in Settings.

CVE-2022-46319: Vulnerability of no boundary determination during fingerprint calibration

Severity: Medium

Affected versions: EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

CVE-2022-46320: Out-of-bounds read vulnerability in the kernel module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may cause memory overwritting.

CVE-2022-46321: Permission verification vulnerability in the Wi-Fi module

Severity: Medium

Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1

Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2022-46322: Out-of-bounds memory write in some mobile phones

Severity: Critical

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause system services to be abnormal.

Acknowledgment: Wen Guanxing

CVE-2022-46323: Out-of-bounds memory write in some mobile phones

Severity: Critical

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause system services to be abnormal.

Acknowledgment: Wen Guanxing

CVE-2022-46324: Out-of-bounds memory write in some mobile phones

Severity: Critical

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause system services to be abnormal.

Acknowledgment: Wen Guanxing

CVE-2022-46325: Out-of-bounds memory write in some mobile phones

Severity: Critical

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause system services to be abnormal.

Acknowledgment: Wen Guanxing

CVE-2022-46326: Out-of-bounds memory write in some mobile phones

Severity: Critical

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may cause system services to be abnormal.

Acknowledgment: Wen Guanxing

CVE-2022-46327: Vulnerability of configuration issues in some mobile phones

Severity: High

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may lead to unauthorized operations, causing system services to be abnormal.

CVE-2022-46328: Input verification vulnerabilities in some mobile phones

Severity: High

Affected versions: EMUI 12.0.0

Impact: Successful exploitation of this vulnerability may affect confidentiality.

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue