ByteOS Network

NVD Vulnerability Details :

CVE-2026-28536

Analyzed

Source-psirt@huawei.com

Published At-05 Mar, 2026 | 07:16

Updated At-06 Mar, 2026 | 19:44

Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	9.6	CRITICAL	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary	3.1	8.1	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Type: Secondary

Version: 3.1

Base score: 9.6

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 8.1

Base severity: HIGH

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CPE Matches

Huawei Technologies Co., Ltd.

>>harmonyos>>5.1.0

cpe:2.3:o:huawei:harmonyos:5.1.0:*:*:*:*:*:*:*

Huawei Technologies Co., Ltd.

>>harmonyos>>6.0.0

cpe:2.3:o:huawei:harmonyos:6.0.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-305	Secondary	psirt@huawei.com

CWE ID: CWE-305

Type: Secondary

Source: psirt@huawei.com

References

Hyperlink	Source	Resource
https://consumer.huawei.com/en/support/bulletin/2026/3/	psirt@huawei.com	Vendor Advisory
https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/	psirt@huawei.com	Vendor Advisory
https://consumer.huawei.com/en/support/bulletinvision/2026/3/	psirt@huawei.com	Vendor Advisory

Hyperlink: https://consumer.huawei.com/en/support/bulletin/2026/3/

Source: psirt@huawei.com

Resource:

Vendor Advisory

Hyperlink: https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/

Source: psirt@huawei.com

Resource:

Vendor Advisory

Hyperlink: https://consumer.huawei.com/en/support/bulletinvision/2026/3/

Source: psirt@huawei.com

Resource:

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History