Magic UI Security Vulnerabilities

CVE-2022-31760

Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and...

CVE-2022-31761

Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect...

CVE-2021-46813

Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect...

CVE-2021-46811

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC)...

CVE-2022-31757

The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data...

CVE-2022-31751

The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system...

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system...

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data...

CVE-2022-31762

The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system...

CVE-2022-31758

The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data...

CVE-2021-46814

The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system...

CVE-2022-22252

The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system...

CVE-2022-29793

There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application...

CVE-2021-46787

The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to...

CVE-2021-46786

The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory...

CVE-2021-46789

Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect...

CVE-2021-46788

Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect...

CVE-2022-22256

The DFX module has an access control vulnerability.Successful exploitation of this vulnerability may affect data...

CVE-2022-22254

A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data...

CVE-2022-22257

The customization framework has a vulnerability of improper permission control.Successful exploitation of this vulnerability may affect data...

CVE-2022-22253

The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system...

CVE-2022-22258

The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in...

CVE-2021-46742

The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the...

CVE-2021-40065

The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data...

CVE-2021-40063

There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect...

CVE-2021-40064

There is a heap-based buffer overflow vulnerability in system components. Successful exploitation of this vulnerability may affect system...

CVE-2021-40062

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2021-40060

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2021-40061

There is a vulnerability of accessing resources using an incompatible type (type confusion) in the Bastet module. Successful exploitation of this vulnerability may affect...

CVE-2021-40058

There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2021-40059

There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect...

CVE-2021-40057

There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2021-40056

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect...

CVE-2021-40055

There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect...

CVE-2021-40054

There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect...

CVE-2021-40053

There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and...

CVE-2021-40052

There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect...

CVE-2021-40051

There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect...

CVE-2021-40050

There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack...

CVE-2021-40048

There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect...

CVE-2021-40049

There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without...

CVE-2021-40047

There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect...

CVE-2021-22489

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service...

CVE-2021-37103

There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service...

CVE-2021-37027

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service...

CVE-2021-22448

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some...

CVE-2021-22432

There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds...

CVE-2021-22437

There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address...

CVE-2021-22433

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be...