August

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2024-42030 Access permission verification vulnerability in the content sharing pop Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS4.2.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-42031 Access permission verification vulnerability in the Settings module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-42032 Access permission verification vulnerability in the Contacts module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2023-7265 Permission verification vulnerability in the lock screen module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-42033 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. Medium HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-42034 LaunchAnywhere vulnerability in the account module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-42035 Permission control vulnerability in the App Multiplier module Successful exploitation of this vulnerability may affect functionality and confidentiality. High HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2024-42036 Access permission verification vulnerability in the Notepad module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS4.2.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-42037 Vulnerability of uncaught exceptions in the Graphics module Successful exploitation of this vulnerability may cause features to perform abnormally. Critical HarmonyOS4.2.0, HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-42038 Vulnerability of PIN enhancement failures in the screen lock module Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. High HarmonyOS4.2.0, HarmonyOS3.0.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2024-31320 Critical HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-34723 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-31339 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-34721 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-23372 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-23373 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-23380 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-26923 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-21458 Medium HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-31322 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2023-43543 Medium HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2023-43544 Medium HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2023-21387 Medium HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-22005 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-0044 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2023-6363 High HarmonyOS4.2.0

Updated on: 2024-08-05

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue