Huawei ≫ Magic Ui

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.

Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability.

Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.

Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.

The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality.

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.

Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.

The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.