CVE-2021-22387 – This vulnerability in Huawei smartphones allows... (How to Fix)

Q: What is the severity of CVE-2021-22387?

CVE-2021-22387 has a CVSS score of 9.8 (CRITICAL). This vulnerability in Huawei smartphones allows improper control of dynamically managed code resources, potentially enabling remote command execution. Attackers could exploit this to run arbitrary code on affected devices. All users of vulnerable Huawei smartphone models are affected.

📋 TL;DR

This vulnerability in Huawei smartphones allows improper control of dynamically managed code resources, potentially enabling remote command execution. Attackers could exploit this to run arbitrary code on affected devices. All users of vulnerable Huawei smartphone models are affected.

💻 Affected Systems

Products:

Huawei smartphones

Versions: Specific affected versions not detailed in provided references; check Huawei security bulletins for exact models.

Operating Systems: HarmonyOS, Android-based Huawei EMUI

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability affects Huawei's smartphone software stack; exact models and versions require checking Huawei's detailed security advisories.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing remote attackers to execute arbitrary commands, install malware, steal data, or gain persistent access.

🟠

Likely Case

Remote code execution leading to data theft, surveillance, or device takeover for botnet participation.

🟢

If Mitigated

Limited impact with proper network segmentation and security controls preventing exploitation attempts.

🌐 Internet-Facing: HIGH - Smartphones are typically internet-connected and could be targeted remotely.

🏢 Internal Only: MEDIUM - Requires network access but could be exploited through malicious apps or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

CVSS 9.8 suggests critical severity with high attack vector; Huawei's description indicates remote exploitation possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security updates for specific device models

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2021/6/

Restart Required: Yes

Instructions:

1. Check for security updates in device Settings > System & updates > Software update. 2. Install available updates immediately. 3. Restart device after update completes.

🔧 Temporary Workarounds

Network segmentation

all

Restrict device network access to trusted networks only

App installation restrictions

all

Disable installation from unknown sources and review app permissions

🧯 If You Can't Patch

Isolate affected devices from untrusted networks and internet access
Implement mobile device management (MDM) with strict security policies

🔍 How to Verify

Check if Vulnerable:

Check device model and software version against Huawei's security bulletin for June 2021

Check Version:

Settings > About phone > Build number / Software version

Verify Fix Applied:

Verify software version is updated beyond vulnerable versions listed in Huawei advisory

📡 Detection & Monitoring

Log Indicators:

Unusual process execution, privilege escalation attempts, unexpected network connections from device

Network Indicators:

Suspicious outbound connections from smartphone to unknown IPs, unusual command and control traffic

SIEM Query:

Device logs showing unexpected process creation or network connections from Huawei smartphones

📊 Metadata

CVE ID: CVE-2021-22387

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-913

Published: August 2, 2021

Last Updated: November 21, 2024

🔗 References

https://consumer.huawei.com/en/support/bulletin/2021/6/ Vendor Advisory
https://consumer.huawei.com/en/support/bulletin/2021/6/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-22387, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Emui by Huawei

Emui by Huawei

Emui by Huawei

Magic Ui by Huawei

Magic Ui by Huawei

Magic Ui by Huawei

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network segmentation

App installation restrictions

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities