Huawei Harmonyos vulnerabilities

CVE-2025-68964 [MEDIUM] CWE-20 CVE-2025-68964: Data verification vulnerability in the HiView module. Impact: Successful exploitation of this vulner Data verification vulnerability in the HiView module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68969 [MEDIUM] CWE-362 CVE-2025-68969: Multi-thread race condition vulnerability in the thermal management module. Impact: Successful explo Multi-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68959 [MEDIUM] CWE-200 CVE-2025-68959: Permission verification bypass vulnerability in the media library module. Impact: Successful exploit Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68966 [MEDIUM] CWE-200 CVE-2025-68966: Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vuln Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68957 [MEDIUM] CWE-362 CVE-2025-68957: Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitat Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68965 [MEDIUM] CWE-200 CVE-2025-68965: Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vuln Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68970 [MEDIUM] CWE-20 CVE-2025-68970: Permission verification bypass vulnerability in the media library module. Impact: Successful exploit Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68958 [MEDIUM] CWE-362 CVE-2025-68958: Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitat Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68967 [MEDIUM] CWE-264 CVE-2025-68967: Vulnerability of improper permission control in the print module. Impact: Successful exploitation of Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68963 [MEDIUM] CWE-521 CVE-2025-68963: Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this Man-in-the-middle attack vulnerability in the Clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-68956 [MEDIUM] CWE-362 CVE-2025-68956: Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitat Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-68961 [MEDIUM] CWE-362 CVE-2025-68961: Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploit Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66321 [MEDIUM] CWE-362 CVE-2025-66321: Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploit Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66320 [MEDIUM] CWE-362 CVE-2025-66320: Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploit Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66323 [MEDIUM] CWE-358 CVE-2025-66323: Vulnerability of improper criterion security check in the card module. Impact: Successful exploitati Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66324 [MEDIUM] CWE-269 CVE-2025-66324: Input verification vulnerability in the compression and decompression module. Impact: Successful exp Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.

CVE-2025-66330 [MEDIUM] CWE-200 CVE-2025-66330: App lock verification bypass vulnerability in the file management app. Impact: Successful exploitati App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66322 [MEDIUM] CWE-362 CVE-2025-66322: Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploit Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66333 [MEDIUM] CWE-494 CVE-2025-66333: Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66332 [MEDIUM] CWE-494 CVE-2025-66332: Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.