Huawei Emui vulnerabilities

CVE-2026-34853 [HIGH] CWE-270 CVE-2026-34853: Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerabi Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-28553 [MEDIUM] CWE-275 CVE-2026-28553: Vulnerability of improper permission control in the theme setting module. Impact: Successful exploit Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-34859 [MEDIUM] CWE-416 CVE-2026-34859: UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34855 [MEDIUM] CWE-20 CVE-2026-34855: Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vuln Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-34854 [MEDIUM] CWE-416 CVE-2026-34854: UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2026-28552 [MEDIUM] CWE-19 CVE-2026-28552: Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnera Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-28542 [HIGH] CWE-755 CVE-2026-28542: Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-28548 [HIGH] CWE-269 CVE-2026-28548: Vulnerability of improper verification in the email application. Impact: Successful exploitation of Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24920 [MEDIUM] CWE-264 CVE-2026-24920: Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerab Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24917 [MEDIUM] CWE-416 CVE-2026-24917: UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24919 [MEDIUM] CWE-787 CVE-2026-24919: Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnera Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24928 [MEDIUM] CWE-680 CVE-2026-24928: Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24918 [MEDIUM] CWE-476 CVE-2026-24918: Address read vulnerability in the communication module. Impact: Successful exploitation of this vuln Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24927 [MEDIUM] CWE-416 CVE-2026-24927: Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitati Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68959 [MEDIUM] CWE-200 CVE-2025-68959: Permission verification bypass vulnerability in the media library module. Impact: Successful exploit Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68970 [MEDIUM] CWE-20 CVE-2025-68970: Permission verification bypass vulnerability in the media library module. Impact: Successful exploit Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68963 [MEDIUM] CWE-521 CVE-2025-68963: Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66325 [MEDIUM] CWE-264 CVE-2025-66325: Permission control vulnerability in the package management module. Impact: Successful exploitation o Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66329 [MEDIUM] CWE-264 CVE-2025-66329: Permission control vulnerability in the window management module. Impact: Successful exploitation of Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58314 [MEDIUM] CWE-125 CVE-2025-58314: Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploit Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.