# HUAWEI EMUI/Magic UI security updates January 2023 ## HUAWEI EMUI/Magic UI security updates January 2023 HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches: This security update includes the following third-party library patches: ## This security update includes the CVE announced in the December 2022 Android security bulletin: Critical: CVE-2022-20411, CVE-2022-20472, CVE-2022-20473, CVE-2022-20498 High: CVE-2021-0934, CVE-2022-20124, CVE-2022-20449, CVE-2022-20466, CVE-2022-20469, CVE-2022-20470, CVE-2022-20474, CVE-2022-20476, CVE-2022-20478, CVE-2022-20479, CVE-2022-20480, CVE-2022-20483, CVE-2022-20484, CVE-2022-20485, CVE-2022-20486, CVE-2022-20487, CVE-2022-20488, CVE-2022-20491, CVE-2022-20495, CVE-2022-20496, CVE-2022-20500, CVE-2022-20501, CVE-2022-20611, CVE-2022-33268 Medium: CVE-2022-20468, CVE-2022-25677, CVE-2022-1419, CVE-2022-28390, CVE-2022-30594, CVE-2022-20571, CVE-2022-20572 Low: none Already included in previous updates: CVE-2022-20426, CVE-2022-20425, CVE-2022-20392, CVE-2022-25669, CVE-2022-25688, CVE-2022-25658, CVE-2022-25659 ※ For more information on security patches, please refer to the Android security bulletins (). ## This security update includes the following HUAWEI patches: ### CVE-2021-46856: Path traversal vulnerability in the Multi-screen Collaboration module Severity: Medium Affected versions: EMUI 12.0.1, EMUI 12.0.0 Impact: Successful exploitation of this vulnerability may affect confidentiality. ### CVE-2021-46867: The HW\_KEYMASTER module does not release memory Severity: Medium Affected versions: EMUI 12.0.0 Impact: Successful exploitation of this vulnerability may cause out-of-bounds access. ### CVE-2021-46868: The HW\_KEYMASTER module does not release memory Severity: Medium Affected versions: EMUI 12.0.0 Impact: Successful exploitation of this vulnerability may cause out-of-bounds access. ### CVE-2022-46761: Vulnerability of the dynamic hiding and restoring of app icons in the system Severity: Medium Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1 Impact: Successful exploitation of this vulnerability allows app icons to be dynamically hidden or restored using special methods. ### CVE-2022-46762: Logic bypass vulnerability in the memory management module Severity: High Affected versions: EMUI 12.0.0 Impact: Successful exploitation of this vulnerability may affect confidentiality. ### CVE-2022-47974: DoS attack vulnerability in the Bluetooth AVRCP module Severity: Medium Affected versions: EMUI 12.0.1, EMUI 12.0.0, EMUI 11.0.1 Impact: Successful exploitation of this vulnerability may cause the Bluetooth process to restart. ### CVE-2022-47975: Double free vulnerability of the DUBAI module Severity: Medium Affected versions: EMUI 12.0.0 Impact: Successful exploitation of this vulnerability will affect availability. ### CVE-2022-47976: Control connection replacement vulnerability in the DMSDP module of the distributed hardware Severity: High Affected versions: EMUI 12.0.0 Impact: Successful exploitation of this vulnerability may disconnect normal service connections. ## 출처 : [바로가기 ](https://consumer.huawei.com/en/support/bulletin/2023/1/) {% embed url="" %} NHN Cloud 정보 사이트 {% endembed %} {% embed url="" %} 취약점 진단 분석 평가 방법 사이트 {% endembed %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://sul.skill.or.kr/mobile-security-updates/2023-huawei-mobile/huawei-emui-magic-ui-security-updates-january-2023.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.