Huawei Harmonyos vulnerabilities

CVE-2025-64311 [MEDIUM] CWE-200 CVE-2025-64311: Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vuln Permission control vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-64313 [MEDIUM] CWE-362 CVE-2025-64313: Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58302 [MEDIUM] CWE-264 CVE-2025-58302: Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vul Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58310 [MEDIUM] CWE-843 CVE-2025-58310: Permission control vulnerability in the distributed component. Impact: Successful exploitation of th Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58315 [MEDIUM] CWE-264 CVE-2025-58315: Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulner Permission control vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58303 [MEDIUM] CWE-362 CVE-2025-58303: UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-58308 [LOW] CWE-358 CVE-2025-58308: Vulnerability of improper criterion security check in the call module. Impact: Successful exploitati Vulnerability of improper criterion security check in the call module. Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2025-58284 [MEDIUM] CWE-264 CVE-2025-58284: Permission control vulnerability in the network module. Successful exploitation of this vulnerabilit Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58289 [MEDIUM] CWE-840 CVE-2025-58289: Vulnerability of improper exception handling in the print module. Successful exploitation of this vu Vulnerability of improper exception handling in the print module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58301 [MEDIUM] CWE-121 CVE-2025-58301: Buffer overflow vulnerability in the device management module. Successful exploitation of this vulne Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58299 [MEDIUM] CWE-416 CVE-2025-58299: Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of this Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58288 [MEDIUM] CWE-275 CVE-2025-58288: Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnera Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58295 [MEDIUM] CWE-121 CVE-2025-58295: Buffer overflow vulnerability in the development framework module. Successful exploitation of this v Buffer overflow vulnerability in the development framework module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58278 [MEDIUM] CWE-200 CVE-2025-58278: Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vul Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2025-58298 [MEDIUM] CWE-121 CVE-2025-58298: Data processing error vulnerability in the package management module. Successful exploitation of thi Data processing error vulnerability in the package management module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58292 [MEDIUM] CWE-27 CVE-2025-58292: Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnera Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58293 [MEDIUM] CWE-264 CVE-2025-58293: Vulnerability of improper exception handling in the print module. Successful exploitation of this vu Vulnerability of improper exception handling in the print module. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58291 [MEDIUM] CWE-29 CVE-2025-58291: Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnera Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58286 [MEDIUM] CWE-25 CVE-2025-58286: Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnera Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.

CVE-2025-58277 [MEDIUM] CWE-200 CVE-2025-58277: Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vuln Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality.