CVE-2025-58280 — Prototype Pollution in Huawei Harmonyos

Severity

5.5MEDIUMNVD

CNA8.4

EPSS

0.1%

top 81.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 5

Description

Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶CVEListV5huawei/harmonyos5.0.1, 5.1.0+1

▶NVDhuawei/harmonyos5.0.1, 5.1.0+1

CVEList

CVE-2025-58280: Vulnerability of exposing object heap addresses in the Ark eTS module↗2025-09-05

▶

GHSA

GHSA-v3c7-fg8q-9w96: Vulnerability of exposing object heap addresses in the Ark eTS module↗2025-09-05

▶