CVE-2022-31760

9.1 CRITICAL

📋 TL;DR

This vulnerability allows unauthorized access to USSD dialog boxes on locked Huawei/HarmonyOS devices. Attackers could potentially view or modify sensitive information displayed through carrier-customized USSD services. This affects Huawei smartphones running vulnerable HarmonyOS versions.

💻 Affected Systems

Products:
  • Huawei smartphones with carrier-customized USSD services
Versions: HarmonyOS versions prior to security updates in June 2022
Operating Systems: HarmonyOS
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects devices with carrier-customized USSD implementations; standard USSD services may not be vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers with physical access to locked devices could intercept USSD communications, potentially accessing sensitive carrier services, modifying account settings, or stealing authentication codes.

🟠 Likely Case

Unauthorized users could view sensitive information displayed in USSD dialogs on locked devices, potentially exposing personal data or carrier service details.

🟢 If Mitigated

With proper screen lock controls and timely patching, the risk is limited to physical access scenarios where attackers can interact with the locked device.

🌐 Internet-Facing: LOW - This requires physical access to the device or local network access, not directly exploitable over the internet.
🏢 Internal Only: MEDIUM - In environments with shared devices or physical access risks, this could allow unauthorized access to sensitive information.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires physical access to a locked device and knowledge of triggering USSD services; no authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: June 2022 security updates for HarmonyOS

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2022/6/

Restart Required: Yes

Instructions:

1. Check for updates in Settings > System & updates > Software update.
2. Install the June 2022 security update.
3. Restart the device after installation.

🔧 Temporary Workarounds

Disable USSD services (applies to: all)

Temporarily disable carrier USSD services through device settings or carrier configuration.

Enhanced screen lock (applies to: all)

Use biometric authentication or a strong PIN instead of simple swipe/pattern locks.

🧯 If You Can't Patch

  • Implement strict physical security controls for devices
  • Disable or restrict USSD services through MDM/carrier policies

🔍 How to Verify

Check if Vulnerable:

Check if device runs HarmonyOS and hasn't received June 2022 security updates; test by locking screen and attempting to trigger USSD dialogs

Check Version:

Settings > About phone > HarmonyOS version

Verify Fix Applied:

Verify June 2022 security update is installed and USSD dialogs no longer appear on locked screen

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed screen unlock attempts followed by USSD service activation
  • USSD service calls while device reported as locked

Network Indicators:

  • USSD traffic originating from devices that should be locked

SIEM Query:

device_status:locked AND ussd_service:active
