Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-68960

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-14 Jan, 2026 | 02:01
Updated At-14 Jan, 2026 | 14:51
Rejected At-
Credits

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:14 Jan, 2026 | 02:01
Updated At:14 Jan, 2026 | 14:51
Rejected At:
â–¼CVE Numbering Authority (CNA)

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
HarmonyOS
Default Status
unaffected
Versions
Affected
  • 5.1.0
  • 5.0.1
Problem Types
TypeCWE IDDescription
CWECWE-362CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Type: CWE
CWE ID: CWE-362
Description: CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://consumer.huawei.com/en/support/bulletin/2026/1//
N/A
https://consumer.huawei.com/en/support/bulletinlaptops/2026/1//
N/A
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2026/1//
Resource: N/A
Hyperlink: https://consumer.huawei.com/en/support/bulletinlaptops/2026/1//
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:14 Jan, 2026 | 03:15
Updated At:15 Jan, 2026 | 17:21

Multi-thread race condition vulnerability in the video framework module. Impact: Successful exploitation of this vulnerability may affect availability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary3.14.7MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>harmonyos>>5.0.1
cpe:2.3:o:huawei:harmonyos:5.0.1:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>harmonyos>>5.1.0
cpe:2.3:o:huawei:harmonyos:5.1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-362Secondarypsirt@huawei.com
CWE ID: CWE-362
Type: Secondary
Source: psirt@huawei.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://consumer.huawei.com/en/support/bulletin/2026/1//psirt@huawei.com
Vendor Advisory
https://consumer.huawei.com/en/support/bulletinlaptops/2026/1//psirt@huawei.com
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2026/1//
Source: psirt@huawei.com
Resource:
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletinlaptops/2026/1//
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

406Records found
CVE-2021-40015
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 3.68%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:03
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a race condition vulnerability in the binder driver subsystem in the kernel.Successful exploitation of this vulnerability may affect kernel stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOS EMUI
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-54122
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 14.87%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 12:20
Updated-14 Jan, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-51515
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 13.90%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 09:00
Updated-07 Nov, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-34849
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-2.5||LOW
EPSS-0.00% / 0.04%
||
7 Day CHG~0.00%
Published-13 Apr, 2026 | 03:58
Updated-14 Apr, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-34862
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.3||MEDIUM
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-13 Apr, 2026 | 04:09
Updated-15 Apr, 2026 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-34861
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.3||MEDIUM
EPSS-0.01% / 0.24%
||
7 Day CHG~0.00%
Published-13 Apr, 2026 | 04:08
Updated-15 Apr, 2026 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-32997
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.98%
||
7 Day CHG~0.00%
Published-11 May, 2024 | 10:04
Updated-09 Dec, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28549
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.6||MEDIUM
EPSS-0.01% / 0.38%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 08:21
Updated-13 Apr, 2026 | 06:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the permission management service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28543
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.38%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 07:58
Updated-05 Mar, 2026 | 21:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28551
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-4.7||MEDIUM
EPSS-0.01% / 0.35%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 08:22
Updated-05 Mar, 2026 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28545
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.00% / 0.05%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 07:38
Updated-05 Mar, 2026 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28550
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.00% / 0.06%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 07:41
Updated-05 Mar, 2026 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-28544
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.00% / 0.05%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 07:34
Updated-05 Mar, 2026 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2026-24930
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.43%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:42
Updated-09 Feb, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-68956
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 01:56
Updated-15 Jan, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68961
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.00% / 0.05%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 02:02
Updated-15 Jan, 2026 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68958
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.00% / 0.06%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 01:59
Updated-15 Jan, 2026 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68957
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.00% / 0.08%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 01:58
Updated-15 Jan, 2026 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68962
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.34%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 02:04
Updated-15 Jan, 2026 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68969
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 02:07
Updated-15 Jan, 2026 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-68955
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 01:51
Updated-15 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the card framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-66320
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.83%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 07:47
Updated-09 Dec, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-66322
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.83%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:01
Updated-09 Dec, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-66321
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.83%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 07:50
Updated-09 Dec, 2025 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-66328
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.97%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:11
Updated-08 Dec, 2025 | 20:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-58303
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.53%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:28
Updated-02 Dec, 2025 | 02:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-58296
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 07:57
Updated-11 Sep, 2025 | 12:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2024-58044
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.45%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 07:12
Updated-04 Mar, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-HarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2024-58125
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:43
Updated-07 May, 2025 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2024-58127
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:48
Updated-07 May, 2025 | 20:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2024-58124
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:41
Updated-07 May, 2025 | 20:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2024-58126
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:47
Updated-07 May, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2021-22376
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.51%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 13:57
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-42035
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.28%
||
7 Day CHG~0.00%
Published-08 Aug, 2024 | 09:26
Updated-18 Sep, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUIharmonyosemui
CWE ID-CWE-862
Missing Authorization
CVE-2024-39672
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.43%
||
7 Day CHG~0.00%
Published-25 Jul, 2024 | 11:56
Updated-02 Aug, 2024 | 04:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory request logic vulnerability in the memory module. Impact: Successful exploitation of this vulnerability will affect integrity and availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-416
Use After Free
CVE-2026-24926
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.00% / 0.12%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:23
Updated-10 Feb, 2026 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-66324
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.20%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:07
Updated-08 Dec, 2025 | 18:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-HarmonyOS
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-54625
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.87%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:07
Updated-20 Aug, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the kernel file system module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-414
Missing Lock Check
CVE-2025-58299
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.21%
||
7 Day CHG~0.00%
Published-11 Oct, 2025 | 09:07
Updated-14 Oct, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-HarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2025-58281
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.54%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 07:56
Updated-11 Sep, 2025 | 12:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the runtime interpreter module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-58302
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.73%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:56
Updated-02 Dec, 2025 | 02:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CVE-2025-58280
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.30%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 07:55
Updated-29 Sep, 2025 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2025-31175
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.38% / 59.61%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:58
Updated-07 May, 2025 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-31170
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:50
Updated-07 May, 2025 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2023-52553
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.4||HIGH
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 09:00
Updated-13 Mar, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-52720
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-4.1||MEDIUM
EPSS-0.02% / 5.03%
||
7 Day CHG~0.00%
Published-11 May, 2024 | 10:06
Updated-09 Dec, 2024 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-1839
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.3||MEDIUM
EPSS-0.02% / 5.94%
||
7 Day CHG~0.00%
Published-06 Jul, 2020 | 18:29
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30mate_30_firmwareHUAWEI Mate 30
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-37085
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.13% / 32.33%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:05
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-37073
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.09% / 24.73%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the detection result is tampered with.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-36994
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.09% / 24.73%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:26
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found