February

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches.

This security update includes the following HUAWEI patches:

| CVE | Vulnerability Description | Impact | Severity | Affected Version |
| --- | --- | --- | --- | --- |
| CVE-2024-57960 | Input verification vulnerability in the ExternalStorageProvider module | Successful exploitation of this vulnerability may affect service confidentiality. | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.0.0, HarmonyOS3.1.0, EMUI 14.0.0, EMUI 13.0.0 |
| CVE-2024-57954 | Permission verification vulnerability in the media library module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.0.0 |
| CVE-2024-57955 | Arbitrary write vulnerability in the Gallery module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.0.0 |
| CVE-2024-57956 | Out-of-bounds read vulnerability in the interpreter string module | Successful exploitation of this vulnerability may affect availability. | Medium | HarmonyOS5.0.0 |
| CVE-2024-57957 | Vulnerability of improper log information control in the UI framework module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.0.0 |
| CVE-2024-12602 | Identity verification vulnerability in the ParamWatcher module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.0.0 |
| CVE-2024-57958 | Out-of-bounds array read vulnerability in the FFRT module | Successful exploitation of this vulnerability may cause features to perform abnormally. | Medium | HarmonyOS5.0.0, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0 |
| CVE-2024-57959 | Use-After-Free (UAF) vulnerability in the display module | Successful exploitation of this vulnerability may cause features to perform abnormally. | Medium | HarmonyOS5.0.0, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0 |
| CVE-2024-57961 | Out-of-bounds write vulnerability in the emcom module | Successful exploitation of this vulnerability may cause features to perform abnormally. | Medium | HarmonyOS4.2.0, HarmonyOS3.0.0, EMUI 13.0.0 |
| CVE-2024-57962 | Vulnerability of incomplete verification information in the VPN service module | Successful exploitation of this vulnerability may affect availability. | Medium | HarmonyOS5.0.0 |

This security update includes the following third-party library patches:

| CVE | Severity | Affected Version |
| --- | --- | --- |
| CVE-2024-43096 | Critical | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-43770 | Critical | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-43771 | Critical | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-49747 | Critical | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-49748 | Critical | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2023-40108 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-43095 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0 |
| CVE-2024-43763 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-43765 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0 |
| CVE-2024-49733 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-49742 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-49749 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-21464 | High | HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0 |
| CVE-2024-43071 | High | HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0 |
| CVE-2024-49983 | High | HarmonyOS5.0.0 |
| CVE-2024-50262 | High | HarmonyOS5.0.0 |
| CVE-2024-49975 | Medium | HarmonyOS5.0.0 |
| CVE-2024-50013 | Medium | HarmonyOS5.0.0 |
| CVE-2024-50142 | Medium | HarmonyOS5.0.0 |
| CVE-2024-50302 | Medium | HarmonyOS5.0.0 |
| CVE-2024-47660 | Low | HarmonyOS5.0.0 |
| CVE-2024-50301 | Low | HarmonyOS5.0.0 |
| CVE-2024-53140 | Low | HarmonyOS5.0.0 |
| CVE-2024-53142 | Low | HarmonyOS5.0.0 |

Updated on: 2025-02-05
