CVE-2025-54655Time-of-check Time-of-use (TOCTOU) Race Condition in Huawei Harmonyos

CWE-367Time-of-check Time-of-use (TOCTOU) Race Condition3 documents3 sources
Severity
7.8HIGHNVD
CNA8.1
EPSS
0.0%
top 99.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Harmonyos
Timeline
PublishedAug 6

Description

Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 1.4 | Impact: 5.8

Affected Packages2 packages

CVEListV5huawei/harmonyos5.0.1, 5.0.2+1
NVDhuawei/harmonyos5.0.1, 5.0.2+1

🔴Vulnerability Details

2
CVEList
CVE-2025-54655: Race condition vulnerability in the virtualization base module2025-08-06
GHSA
GHSA-p8vr-m38h-gw25: Race condition vulnerability in the virtualization base module2025-08-06
CVE-2025-54655 — Huawei Harmonyos vulnerability | cvebase