Huawei Harmonyos vulnerabilities

CVE-2026-24922 [MEDIUM] CWE-122 CVE-2026-24922: Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerabili Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24920 [MEDIUM] CWE-264 CVE-2026-24920: Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerab Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24917 [MEDIUM] CWE-416 CVE-2026-24917: UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24931 [MEDIUM] CWE-264 CVE-2026-24931: Vulnerability of improper criterion security check in the card module. Impact: Successful exploitati Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24924 [MEDIUM] CWE-264 CVE-2026-24924: Vulnerability of improper permission control in the print module. Impact: Successful exploitation of Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24919 [MEDIUM] CWE-787 CVE-2026-24919: Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnera Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24929 [MEDIUM] CWE-476 CVE-2026-24929: Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vul Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24926 [MEDIUM] CWE-787 CVE-2026-24926: Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vuln Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24928 [MEDIUM] CWE-680 CVE-2026-24928: Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24930 [MEDIUM] CWE-362 CVE-2026-24930: UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulner UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24918 [MEDIUM] CWE-476 CVE-2026-24918: Address read vulnerability in the communication module. Impact: Successful exploitation of this vuln Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24916 [MEDIUM] CWE-200 CVE-2026-24916: Identity authentication bypass vulnerability in the window module. Impact: Successful exploitation o Identity authentication bypass vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2026-24927 [MEDIUM] CWE-416 CVE-2026-24927: Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitati Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24914 [MEDIUM] CWE-416 CVE-2026-24914: Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerabi Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24925 [MEDIUM] CWE-122 CVE-2026-24925: Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of thi Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2026-24923 [MEDIUM] CWE-264 CVE-2026-24923: Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerab Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68968 [HIGH] CWE-415 CVE-2025-68968: Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vu Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function.

CVE-2025-68960 [MEDIUM] CWE-362 CVE-2025-68960: Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploita Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68962 [MEDIUM] CWE-362 CVE-2025-68962: Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploit Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68955 [MEDIUM] CWE-362 CVE-2025-68955: Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploita Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.