CVE-2025-54622Authentication Bypass by Primary Weakness in Huawei Harmonyos

CWE-305Authentication Bypass by Primary Weakness3 documents3 sources
Severity
7.4HIGHNVD
CNA8.3
EPSS
0.0%
top 98.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedAug 6

Description

Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:NExploitability: 2.8 | Impact: 4.0

Affected Packages2 packages

CVEListV5huawei/harmonyos5.0.1, 5.1.0+1
NVDhuawei/harmonyos5.0.1, 5.0.2+1

🔴Vulnerability Details

2
GHSA
GHSA-r2gg-h7r4-gp2g: Binding authentication bypass vulnerability in the devicemanager module2025-08-06
CVEList
CVE-2025-54622: Binding authentication bypass vulnerability in the devicemanager module2025-08-06
CVE-2025-54622 — Huawei Harmonyos vulnerability | cvebase