CVE-2025-58314

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.1HIGH

EPSS

0.0%

top 98.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui Huawei Harmonyos

Timeline

PublishedNov 28

Description

Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:LExploitability: 1.8 | Impact: 4.7

Affected Packages4 packages

▶CVEListV5huawei/emui5 versions+4

▶NVDhuawei/emui5 versions+4

▶CVEListV5huawei/harmonyos10 versions+9

▶NVDhuawei/harmonyos10 versions+9

🔴Vulnerability Details

CVEList

CVE-2025-58314: Vulnerability of accessing invalid memory in the component driver module↗2025-11-28

▶

GHSA

GHSA-gmrj-72qx-74jq: Vulnerability of accessing invalid memory in the component driver module↗2025-11-28

▶