Huawei Harmonyos vulnerabilities

CVE-2025-66325 [MEDIUM] CWE-264 CVE-2025-66325: Permission control vulnerability in the package management module. Impact: Successful exploitation o Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66334 [MEDIUM] CWE-494 CVE-2025-66334: Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66326 [MEDIUM] CWE-416 CVE-2025-66326: Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerabil Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66328 [MEDIUM] CWE-362 CVE-2025-66328: Multi-thread race condition vulnerability in the network management module. Impact: Successful explo Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58279 [MEDIUM] CWE-200 CVE-2025-58279: Permission control vulnerability in the media library module. Impact: Successful exploitation of thi Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66331 [MEDIUM] CWE-494 CVE-2025-66331: Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-66327 [MEDIUM] CWE-362 CVE-2025-66327: Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerab Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-66329 [MEDIUM] CWE-264 CVE-2025-66329: Permission control vulnerability in the window management module. Impact: Successful exploitation of Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-64315 [HIGH] CWE-264 CVE-2025-64315: Configuration defect vulnerability in the file management module. Impact: Successful exploitation of Configuration defect vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect app data confidentiality and integrity.

CVE-2025-58314 [HIGH] CWE-125 CVE-2025-58314: Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploit Vulnerability of accessing invalid memory in the component driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-58309 [HIGH] CWE-264 CVE-2025-58309: Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of Permission control vulnerability in the startup recovery module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-58311 [HIGH] CWE-416 CVE-2025-58311: UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability wi UAF vulnerability in the USB driver module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2025-64312 [HIGH] CWE-200 CVE-2025-64312: Permission control vulnerability in the file management module. Impact: Successful exploitation of t Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58294 [MEDIUM] CWE-264 CVE-2025-58294: Permission control vulnerability in the print module. Impact: Successful exploitation of this vulner Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58305 [MEDIUM] CWE-200 CVE-2025-58305: Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of Identity authentication bypass vulnerability in the Gallery app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58312 [MEDIUM] CWE-264 CVE-2025-58312: Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vul Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58307 [MEDIUM] CWE-416 CVE-2025-58307: UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-64314 [MEDIUM] CWE-843 CVE-2025-64314: Permission control vulnerability in the memory management module. Impact: Successful exploitation of Permission control vulnerability in the memory management module. Impact: Successful exploitation of this vulnerability may affect confidentiality.

CVE-2025-58316 [MEDIUM] CWE-362 CVE-2025-58316: DoS vulnerability in the video-related system service module. Impact: Successful exploitation of thi DoS vulnerability in the video-related system service module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58304 [MEDIUM] CWE-199 CVE-2025-58304: Permission control vulnerability in the file management module. Impact: Successful exploitation of t Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.