Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-24922

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-06 Feb, 2026 | 08:32
Updated At-06 Feb, 2026 | 16:40
Rejected At-
Credits

Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:06 Feb, 2026 | 08:32
Updated At:06 Feb, 2026 | 16:40
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei
Product
HarmonyOS
Default Status
unaffected
Versions
Affected
  • 6.0.0
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122 Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-122
Description: CWE-122 Heap-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.16.9MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H
Version: 3.1
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://consumer.huawei.com/en/support/bulletin/2026/2/
N/A
https://consumer.huawei.com/en/support/bulletinlaptops/2026/2/
N/A
https://consumer.huawei.com/en/support/bulletinwearables/2026/2/
N/A
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2026/2/
Resource: N/A
Hyperlink: https://consumer.huawei.com/en/support/bulletinlaptops/2026/2/
Resource: N/A
Hyperlink: https://consumer.huawei.com/en/support/bulletinwearables/2026/2/
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:06 Feb, 2026 | 09:15
Updated At:10 Feb, 2026 | 18:09

Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.9MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>harmonyos>>6.0.0
cpe:2.3:o:huawei:harmonyos:6.0.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Secondarypsirt@huawei.com
CWE-120Primarynvd@nist.gov
CWE ID: CWE-122
Type: Secondary
Source: psirt@huawei.com
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://consumer.huawei.com/en/support/bulletin/2026/2/psirt@huawei.com
Vendor Advisory
https://consumer.huawei.com/en/support/bulletinlaptops/2026/2/psirt@huawei.com
Vendor Advisory
https://consumer.huawei.com/en/support/bulletinwearables/2026/2/psirt@huawei.com
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletin/2026/2/
Source: psirt@huawei.com
Resource:
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletinlaptops/2026/2/
Source: psirt@huawei.com
Resource:
Vendor Advisory
Hyperlink: https://consumer.huawei.com/en/support/bulletinwearables/2026/2/
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

316Records found
CVE-2026-24919
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6||MEDIUM
EPSS-0.00% / 0.10%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:53
Updated-10 Feb, 2026 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-24918
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.8||MEDIUM
EPSS-0.00% / 0.10%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:29
Updated-10 Feb, 2026 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-24914
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.00% / 0.10%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:26
Updated-10 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-24920
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.00% / 0.08%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 09:03
Updated-09 Feb, 2026 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CVE-2026-24930
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Feb, 2026 | 08:42
Updated-09 Feb, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2024-47290
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 18.51%
||
7 Day CHG~0.00%
Published-27 Sep, 2024 | 10:15
Updated-01 Oct, 2024 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-22417
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.96%
||
7 Day CHG~0.00%
Published-03 Aug, 2021 | 17:17
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CVE-2021-22419
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.89%
||
7 Day CHG~0.00%
Published-03 Aug, 2021 | 17:20
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2021-22318
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.41%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 10:46
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-22364
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.31%
||
7 Day CHG~0.00%
Published-27 May, 2021 | 12:44
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in the versions 10.1.0.126(C00E125R5P3) of HUAWEI Mate 30 and 10.1.0.152(C00E136R7P2) of HUAWEI Mate 30 (5G) . A module does not verify certain parameters sufficiently and it leads to some exceptions. Successful exploit could cause a denial of service condition.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30_5gmate_30mate_30_firmwaremate_30_5g_firmwareHUAWEI Mate 30;HUAWEI Mate 30 (5G)
CVE-2021-22479
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.72%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:10
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-22399
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.31%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 11:37
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p30_firmwarep30HUAWEI P30
CVE-2021-22455
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:32
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-22456
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:31
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CVE-2021-22461
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:33
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-22459
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:31
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-22465
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.98%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:31
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22471
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:33
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-22462
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:32
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-22454
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:33
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2021-22466
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.27%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:32
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2024-45446
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.38%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 02:14
Updated-06 Sep, 2024 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2020-9096
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.31%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 13:20
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p30_prop30_pro_firmwareHUAWEI P30 Pro
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9146
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-01 Apr, 2021 | 17:53
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2020-9065
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 17.01%
||
7 Day CHG~0.00%
Published-26 Mar, 2020 | 14:30
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-taurus-al00b_firmwaretaurus-al00bTaurus-AL00B
CWE ID-CWE-416
Use After Free
CVE-2025-68964
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 3.64%
||
7 Day CHG~0.00%
Published-14 Jan, 2026 | 02:11
Updated-15 Jan, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data verification vulnerability in the HiView module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2024-45445
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.04% / 10.76%
||
7 Day CHG~0.00%
Published-04 Sep, 2024 | 01:54
Updated-06 Sep, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-459
Incomplete Cleanup
CVE-2025-66334
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.01% / 1.13%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:23
Updated-08 Dec, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2025-66331
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.01% / 1.13%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:12
Updated-08 Dec, 2025 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2025-66332
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.01% / 1.13%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:13
Updated-08 Dec, 2025 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2025-66333
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.01% / 1.13%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:18
Updated-08 Dec, 2025 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2025-66329
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4||MEDIUM
EPSS-0.01% / 1.55%
||
7 Day CHG~0.00%
Published-08 Dec, 2025 | 08:33
Updated-09 Dec, 2025 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CVE-2025-64313
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 3.06%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:49
Updated-02 Dec, 2025 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-40037
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.82%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiharmonyosemuiMagic UIHarmonyOSEMUI
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2025-58307
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 1.28%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:32
Updated-02 Dec, 2025 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2025-54638
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.84%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:35
Updated-11 Aug, 2025 | 15:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Issue of inconsistent read/write serialization in the ad module. Impact: Successful exploitation of this vulnerability may affect the availability of the ad service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-54636
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 3.17%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:32
Updated-11 Aug, 2025 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosEMUIHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2025-54645
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5||MEDIUM
EPSS-0.01% / 0.57%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:48
Updated-13 Aug, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2025-54634
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.01% / 1.54%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:21
Updated-11 Aug, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of improper processing of abnormal conditions in huge page separation. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-54614
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 3.87%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 01:24
Updated-12 Aug, 2025 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input verification vulnerability in the home screen module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2025-54640
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 28.94%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:40
Updated-06 Aug, 2025 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-HarmonyOS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-54639
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 28.94%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:38
Updated-08 Dec, 2025 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2025-46593
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.04% / 12.09%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 07:21
Updated-26 Sep, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-46586
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.04% / 11.23%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 07:05
Updated-26 Sep, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-862
Missing Authorization
CVE-2023-52972
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 9.82%
||
7 Day CHG~0.00%
Published-26 Mar, 2025 | 06:39
Updated-05 Mar, 2026 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks . Successful exploitation this vulnerability could lead to termination of some system processes.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-yutufz-5651s1yutufz-5651s1_senaryaudioYutuFZ-5651S1
CWE ID-CWE-284
Improper Access Control
CVE-2023-52384
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 6.61%
||
7 Day CHG~0.00%
Published-11 May, 2024 | 09:53
Updated-09 Dec, 2024 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-415
Double Free
CVE-2025-58303
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.01% / 0.92%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:28
Updated-02 Dec, 2025 | 02:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UAF vulnerability in the screen recording framework module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-416
Use After Free
CVE-2025-58280
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.52%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 07:55
Updated-29 Sep, 2025 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2025-58276
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.17%
||
7 Day CHG~0.00%
Published-05 Sep, 2025 | 07:53
Updated-11 Sep, 2025 | 12:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission verification vulnerability in the home screen module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CVE-2025-58312
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 1.19%
||
7 Day CHG~0.00%
Published-28 Nov, 2025 | 02:37
Updated-02 Dec, 2025 | 02:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the App Lock module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • Next
Details not found