Emui Huawei Emui

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Huawei Emui.

By the Year

In 2025 there have been 25 vulnerabilities in Huawei Emui with an average score of 7.8 out of ten. Last year, in 2024 Emui had 142 security vulnerabilities published. Right now, Emui is on track to have less security vulnerabilities in 2025 than it did last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 1.21.




Year Vulnerabilities Average Score
2025 25 7.84
2024 142 6.63
2023 224 7.43
2022 237 7.57
2021 140 7.62
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Emui vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Emui Security Vulnerabilities

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2025-48902 - June 06, 2025

Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability.

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58124 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58125 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58126 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-58127 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2025-31170 9.1 - Critical - April 07, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Authentication Bypass by Spoofing

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2025-31175 7.5 - High - April 07, 2025

Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect service integrity.

Marshaling, Unmarshaling

Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-58043 5.5 - Medium - March 04, 2025

Permission bypass vulnerability in the window module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-58044 5.5 - Medium - March 04, 2025

Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57958 9.1 - Critical - February 06, 2025

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Out-of-bounds Read

Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57959 9.8 - Critical - February 06, 2025

Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Dangling pointer

Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-57960 7.5 - High - February 06, 2025

Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-57961 9.8 - Critical - February 06, 2025

Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Memory Corruption

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56450 5.5 - Medium - January 08, 2025

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56449 7.5 - High - January 08, 2025

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56448 7.5 - High - January 08, 2025

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52955 7.5 - High - January 08, 2025

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

authentification

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2023-52954 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

Incorrect Default Permissions

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2023-52953 9.1 - Critical - January 08, 2025

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Directory traversal

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56447 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56442 7.5 - High - January 08, 2025

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56441 5.9 - Medium - January 08, 2025

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race Condition

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56440 7.5 - High - January 08, 2025

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Incorrect Default Permissions

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56438 7.5 - High - January 08, 2025

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2024-56434 7.5 - High - January 08, 2025

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-54099 7.1 - High - December 12, 2024

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2024-54098 7.5 - High - December 12, 2024

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

CVE-2024-54097 7.5 - High - December 12, 2024

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

CVE-2024-54096 5.5 - Medium - December 12, 2024

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54100 7.5 - High - December 12, 2024

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54101 5.5 - Medium - December 12, 2024

Denial of service (DoS) vulnerability in the installation module Impact: Successful exploitation of this vulnerability will affect availability.

Battery Module Data Verification Flaw in Tesla Powerwall

CVE-2024-51529 5.5 - Medium - November 05, 2024

Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.

LaunchAnywhere Account Module Privilege Escalation

CVE-2024-51530 5.5 - Medium - November 05, 2024

LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Gallery App Permission Bypass Flaw

CVE-2024-51527 5.5 - Medium - November 05, 2024

Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Super Home Screen Log Injection Flaw

CVE-2024-51528 5.5 - Medium - November 05, 2024

Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Insertion of Sensitive Information into Log File

Logo Module Out-of-Bounds Access in Cisco IOS XE

CVE-2024-51510 5.5 - Medium - November 05, 2024

Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory Corruption

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-47292 5.5 - Medium - September 27, 2024

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47290 5.5 - Medium - September 27, 2024

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47291 5.5 - Medium - September 27, 2024

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47293 7.5 - High - September 27, 2024

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47294 7.5 - High - September 27, 2024

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-9136 7.5 - High - September 27, 2024

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45445 5.5 - Medium - September 04, 2024

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

Insufficient Cleanup

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45446 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45447 5.5 - Medium - September 04, 2024

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45448 5.5 - Medium - September 04, 2024

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45449 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-8298 5.5 - Medium - September 04, 2024

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45444 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2024-45443 9.1 - Critical - September 04, 2024

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Directory traversal

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Huawei Harmonyos or by Huawei? Click the Watch button to subscribe.

Huawei
Vendor

Huawei Emui
Product

subscribe