CVE-2021-39967
📋 TL;DR
This vulnerability allows unauthorized access to broadcast information on affected Huawei smartphones due to improper permission settings. Attackers could potentially intercept sensitive system or application broadcasts, compromising service confidentiality. The vulnerability affects Huawei smartphones running certain versions of HarmonyOS.
💻 Affected Systems
- Huawei smartphones
📦 What is this software?
- EMUI by Huawei
- HarmonyOS by Huawei
- Magic UI by Huawei
⚠️ Risk & Real-World Impact
Worst Case
Attackers intercept sensitive system broadcasts containing device information, user data, or application states, leading to privacy breaches or facilitating further attacks.
Likely Case
Unauthorized access to non-critical broadcast information that could reveal device details or application behavior patterns.
If Mitigated
With proper permission controls, broadcast access is restricted to authorized components only, preventing information leakage.
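The "proper permission controls" above mean that both ends of a broadcast are gated by a permission. The following is an added example, not code from the advisory or from Huawei, showing the weak and the hardened registration side by side using the Android-style APIs that HarmonyOS 2 smartphone apps use (an assumption of this example). The permission name, action string and class name are placeholders.

```java
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;

// Added example only; placeholder names, not Huawei's code.
public final class ProtectedBroadcastExample {
    // Custom permission declared in the app manifest with
    // android:protectionLevel="signature" (placeholder name), so only apps
    // signed with the same key can hold it.
    static final String PERM = "com.example.permission.INTERNAL_EVENT";
    static final String ACTION = "com.example.action.INTERNAL_EVENT";

    // Weak: any app can deliver to this receiver, and any app that registers
    // for ACTION receives what is sent here. This is the exposure class the
    // advisory describes.
    static void weakRegistration(Context ctx, BroadcastReceiver r) {
        ctx.registerReceiver(r, new IntentFilter(ACTION));
        ctx.sendBroadcast(new Intent(ACTION));
    }

    // Hardened: the receiver only accepts senders that hold PERM, and the
    // broadcast is only delivered to receivers that hold PERM. Setting the
    // package makes the intent explicit so it never leaves this app.
    static void hardenedRegistration(Context ctx, BroadcastReceiver r) {
        ctx.registerReceiver(r, new IntentFilter(ACTION), PERM, null);
        Intent i = new Intent(ACTION).setPackage(ctx.getPackageName());
        ctx.sendBroadcast(i, PERM);
    }
}
```

For receivers declared statically in the manifest the equivalent controls are `android:exported="false"` (when the receiver is only for in-app use) and `android:permission` set to the same signature-level permission.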
🎯 Exploit Status
Exploitation requires a malicious app to be installed on the device or physical access to the device.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: HarmonyOS 2.0.0.230 and later
Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2021/11/
Restart Required: Yes
Instructions:
1. Check for system updates in Settings > System & updates > Software update.
2. Download and install HarmonyOS 2.0.0.230 or later.
3. Restart the device after installation.
🔧 Temporary Workarounds
Restrict app permissions
Review and restrict unnecessary app permissions, especially those related to system broadcasts or sensitive data access.
Disable unnecessary broadcast receivers
Disable or remove broadcast receivers in apps that don't require them for essential functionality.
🧯 If You Can't Patch
- Isolate affected devices from sensitive networks and data
- Implement strict app installation policies and only install apps from trusted sources
🔍 How to Verify
Check if Vulnerable:
Check HarmonyOS version in Settings > About phone > HarmonyOS version. If version is earlier than 2.0.0.230, the device is vulnerable.
Check Version:
Settings > About phone > HarmonyOS version
Verify Fix Applied:
Verify HarmonyOS version is 2.0.0.230 or later in Settings > About phone > HarmonyOS version.
📡 Detection & Monitoring
Log Indicators:
- Unusual broadcast activity in system logs
- Multiple broadcast permission requests from untrusted apps
Network Indicators:
- Unusual data exfiltration patterns from device
SIEM Query:
Not applicable for typical mobile device environments
🔗 References
- https://consumer.huawei.com/en/support/bulletin/2021/11/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202111-0000001217889667