Huawei Magic Ui vulnerabilities

CVE-2021-22325 [MEDIUM] CWE-319 CVE-2021-22325: There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of th There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission.

CVE-2021-22337 [MEDIUM] CVE-2021-22337: There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of th There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data.

CVE-2021-22316 [MEDIUM] CWE-306 CVE-2021-22316: There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attacker There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability.

CVE-2021-22308 [LOW] CVE-2021-22308: There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on There is a Business Logic Errors vulnerability in Huawei Smartphone. The malicious apps installed on the device can keep taking screenshots in the background. This issue does not cause system errors, but may cause personal information leakage.

CVE-2020-9147 [HIGH] CWE-125 CVE-2020-9147: A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local atta A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read.

CVE-2020-9148 [MEDIUM] CVE-2020-9148: An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.

CVE-2020-9146 [MEDIUM] CWE-772 CVE-2020-9146: A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local atta A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.

CVE-2020-9149 [MEDIUM] CVE-2020-9149: An application error verification vulnerability exists in a component interface of Huawei Smartphone An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages.

CVE-2020-9145 [CRITICAL] CWE-787 CVE-2020-9145: There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.

CVE-2020-9142 [CRITICAL] CWE-787 CVE-2020-9142: There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.

CVE-2020-9139 [CRITICAL] CWE-20 CVE-2020-9139: There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of t There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.

CVE-2020-9141 [CRITICAL] CWE-269 CVE-2020-9141: There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploit There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.

CVE-2020-9144 [CRITICAL] CWE-787 CVE-2020-9144: There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnera There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer.

CVE-2020-9140 [CRITICAL] CWE-119 CVE-2020-9140: There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Un There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.

CVE-2020-9143 [MEDIUM] CWE-306 CVE-2020-9143: There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.

CVE-2020-9138 [MEDIUM] CWE-787 CVE-2020-9138: There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.