Huawei Harmonyos vulnerabilities

CVE-2024-58112 [HIGH] CWE-248 CVE-2024-58112: Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Suc Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58109 [HIGH] CWE-120 CVE-2024-58109: Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerabil Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-31173 [MEDIUM] CWE-280 CVE-2025-31173: Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitat Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31172 [MEDIUM] CWE-280 CVE-2025-31172: Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitat Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-31171 [MEDIUM] CWE-862 CVE-2025-31171: File read permission bypass vulnerability in the kernel file system module Impact: Successful exploi File read permission bypass vulnerability in the kernel file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58049 [MEDIUM] CWE-200 CVE-2024-58049: Permission verification vulnerability in the media library module Impact: Successful exploitation of Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58045 [MEDIUM] CWE-362 CVE-2024-58045: Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-27521 [MEDIUM] CWE-280 CVE-2025-27521: Vulnerability of improper access permission in the process management module Impact: Successful expl Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58044 [MEDIUM] CWE-20 CVE-2024-58044: Permission verification bypass vulnerability in the notification module Impact: Successful exploitat Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58048 [MEDIUM] CWE-362 CVE-2024-58048: Multi-thread problem vulnerability in the package management module Impact: Successful exploitation Multi-thread problem vulnerability in the package management module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58046 [MEDIUM] CWE-840 CVE-2024-58046: Permission management vulnerability in the lock screen module Impact: Successful exploitation of thi Permission management vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58047 [MEDIUM] CWE-200 CVE-2024-58047: Permission verification vulnerability in the media library module Impact: Successful exploitation of Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58050 [MEDIUM] CWE-276 CVE-2024-58050: Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of thi Vulnerability of improper access permission in the HDC module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58043 [MEDIUM] CWE-840 CVE-2024-58043: Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnera Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57961 [CRITICAL] CWE-787 CVE-2024-57961: Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulner Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57959 [CRITICAL] CWE-416 CVE-2024-57959: Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vul Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57958 [CRITICAL] CWE-125 CVE-2024-57958: Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vu Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57962 [HIGH] CWE-701 CVE-2024-57962: Vulnerability of incomplete verification information in the VPN service module Impact: Successful ex Vulnerability of incomplete verification information in the VPN service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-57960 [HIGH] CWE-20 CVE-2024-57960: Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitati Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57954 [HIGH] CWE-285 CVE-2024-57954: Permission verification vulnerability in the media library module Impact: Successful exploitation of Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.