CVE-2021-22389

9.8 CRITICAL

📋 TL;DR

This is a critical permission control vulnerability in Huawei smartphones that allows attackers to bypass security restrictions and execute arbitrary code. It affects multiple Huawei smartphone models running specific EMUI versions. Successful exploitation could lead to complete device compromise.

💻 Affected Systems

Products:
  • Huawei smartphones
Versions: EMUI 11.0.0, 11.0.1, and Magic UI 4.0.0, 4.0.1
Operating Systems: Android-based EMUI/Magic UI
Default Config Vulnerable: ⚠️ Yes
Notes: Affects multiple Huawei smartphone models including P40, Mate 30, and other recent models

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device takeover with root/system privileges, allowing data theft, surveillance, and persistent backdoor installation

🟠 Likely Case: Local privilege escalation leading to unauthorized access to sensitive data and system functions

🟢 If Mitigated: Limited impact with proper app sandboxing and security controls in place

🌐 Internet-Facing: LOW (requires local access or malicious app installation)
🏢 Internal Only: HIGH (can be exploited by malicious apps or users with physical access)

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access or malicious app installation; no public exploit code available

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: EMUI 11.0.1.166 and later, Magic UI 4.0.1.166 and later

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2021/6/

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System & updates > Software update.
2. Download and install the latest security update.
3. Restart device after installation completes.

🔧 Temporary Workarounds

Disable unknown sources

android

Prevent installation of malicious apps from unknown sources

Settings > Security > Install unknown apps > Disable for all apps

Enable Google Play Protect

android

Use built-in malware scanning for installed apps

Google Play Store > Menu > Play Protect > Scan device for security threats

🧯 If You Can't Patch

  • Restrict physical access to devices and implement mobile device management (MDM) controls
  • Monitor for suspicious app installations and unusual device behavior

🔍 How to Verify

Check if Vulnerable:

Check EMUI/Magic UI version in Settings > About phone > EMUI version/Magic UI version

Check Version:

Settings > About phone > EMUI version/Magic UI version

Verify Fix Applied:

Verify version is EMUI 11.0.1.166+ or Magic UI 4.0.1.166+ after update
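For a fleet, the same version check can be run over an MDM inventory export. The script below is an added example, not vendor tooling: the affected release lines and fixed builds are the ones listed on this page, while the inventory record format (`"<UI name> <a.b.c.d>"` with an optional build suffix in parentheses), the device ids and the function names are assumptions made for illustration.

```python
import re

# Release lines and fixed builds as stated in the advisory text above.
AFFECTED = {"EMUI": {(11, 0, 0), (11, 0, 1)}, "Magic UI": {(4, 0, 0), (4, 0, 1)}}
FIXED = {"EMUI": (11, 0, 1, 166), "Magic UI": (4, 0, 1, 166)}

# Assumed format: UI name, then a 3- or 4-part dotted version. Anything after
# the version (for example a build suffix in parentheses) is ignored.
_VERSION_RE = re.compile(r"^\s*(EMUI|Magic UI)\s+(\d+(?:\.\d+){2,3})", re.IGNORECASE)


def classify(version_string):
    """Return 'vulnerable', 'patched', 'not_listed' or 'unknown'."""
    m = _VERSION_RE.match(version_string or "")
    if not m:
        return "unknown"  # unparseable: needs a manual look, not a pass
    family = "EMUI" if m.group(1).lower() == "emui" else "Magic UI"
    parts = tuple(int(p) for p in m.group(2).split("."))
    if parts[:3] not in AFFECTED[family]:
        return "not_listed"  # release line is not named on this page
    if len(parts) < 4:
        return "unknown"  # affected release line, but no build number to compare
    return "patched" if parts >= FIXED[family] else "vulnerable"


def triage(inventory):
    """Group device ids by classification."""
    report = {}
    for device_id, version_string in inventory:
        report.setdefault(classify(version_string), []).append(device_id)
    return report


# Constructed sample inventory (device ids and build suffix are made up).
SAMPLE = [
    ("dev-001", "EMUI 11.0.0.155"),
    ("dev-002", "EMUI 11.0.1.166"),
    ("dev-003", "Magic UI 4.0.1.120(C00E100R1P1)"),
    ("dev-004", "Magic UI 4.0.1.170"),
    ("dev-005", "EMUI 10.1.0.150"),
    ("dev-006", "EMUI 11.0.1"),
    ("dev-007", ""),
]

if __name__ == "__main__":
    for status, ids in sorted(triage(SAMPLE).items()):
        print(f"{status:12} {', '.join(ids)}")
```

Devices reported as `unknown` should be checked by hand rather than assumed patched.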

📡 Detection & Monitoring

Log Indicators:

  • Unusual permission requests in app logs
  • Suspicious system service activations

Network Indicators:

  • Unexpected outbound connections from system processes

SIEM Query:

Device logs showing privilege escalation attempts or unusual permission grants
