Harmonyos Huawei Harmonyos

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Huawei Harmonyos.

By the Year

In 2025 there have been 28 vulnerabilities in Huawei Harmonyos with an average score of 6.9 out of ten. Last year, in 2024 Harmonyos had 141 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Harmonyos in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.20.




Year Vulnerabilities Average Score
2025 28 6.86
2024 141 6.66
2023 196 7.55
2022 257 7.54
2021 118 7.21
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Harmonyos vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Huawei Harmonyos Security Vulnerabilities

Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54121 7.5 - High - January 08, 2025

Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56448 7.5 - High - January 08, 2025

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56449 7.5 - High - January 08, 2025

Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56450 5.5 - Medium - January 08, 2025

Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.

Classic Buffer Overflow

Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56451 5.5 - Medium - January 08, 2025

Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Integer Overflow or Wraparound

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56452 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56453 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56454 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56455 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56456 5.5 - Medium - January 08, 2025

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56438 7.5 - High - January 08, 2025

Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.

Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56439 7.5 - High - January 08, 2025

Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56440 7.5 - High - January 08, 2025

Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Incorrect Default Permissions

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56441 5.9 - Medium - January 08, 2025

Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race Condition

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56442 7.5 - High - January 08, 2025

Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56443 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56444 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-56445 5.3 - Medium - January 08, 2025

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

authentification

Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56446 7.5 - High - January 08, 2025

Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.

Use of Uninitialized Resource

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56447 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Incorrect Default Permissions

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2023-52953 9.1 - Critical - January 08, 2025

Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Directory traversal

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2023-52954 7.5 - High - January 08, 2025

Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.

Incorrect Default Permissions

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52955 7.5 - High - January 08, 2025

Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

authentification

Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54120 5.9 - Medium - January 08, 2025

Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Race Condition

Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-56437 7.5 - High - January 08, 2025

Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE-2024-56434 7.5 - High - January 08, 2025

UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56435 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-56436 7.5 - High - January 08, 2025

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54119 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-54122 4.7 - Medium - December 12, 2024

Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.

Race Condition

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54100 7.5 - High - December 12, 2024

Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54102 5.9 - Medium - December 12, 2024

Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Race Condition

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

CVE-2024-54096 5.5 - Medium - December 12, 2024

Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

CVE-2024-54097 7.5 - High - December 12, 2024

Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

CVE-2024-54098 7.5 - High - December 12, 2024

Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-54099 7.1 - High - December 12, 2024

File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54103 7.5 - High - December 12, 2024

Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54104 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54105 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Classic Buffer Overflow

Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54106 7.5 - High - December 12, 2024

Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

NULL Pointer Dereference

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54107 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54108 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54109 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54110 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54111 7.5 - High - December 12, 2024

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54112 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.

CVE-2024-54113 7.5 - High - December 12, 2024

Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54114 7.5 - High - December 12, 2024

Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Out-of-bounds Read

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-54115 7.5 - High - December 12, 2024

Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.

Out-of-bounds Read

Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2024-54116 7.5 - High - December 12, 2024

Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

Out-of-bounds Read

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-54117 7.5 - High - December 12, 2024

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

LaunchAnywhere Account Module Privilege Escalation

CVE-2024-51530 5.5 - Medium - November 05, 2024

LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Battery Module Data Verification Flaw in Tesla Powerwall

CVE-2024-51529 5.5 - Medium - November 05, 2024

Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.

HDC Module Input Validation Bypass in Cisco IOS

CVE-2024-51519 5.5 - Medium - November 05, 2024

Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.

Unverified Message Type in Advanced Messaging Module

CVE-2024-51518 7.5 - High - November 05, 2024

Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.

Samsung Phone Service Memory Access Flaw

CVE-2024-51517 5.5 - Medium - November 05, 2024

Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.

out-of-bounds array index

Super Home Screen Log Injection Flaw

CVE-2024-51528 5.5 - Medium - November 05, 2024

Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Insertion of Sensitive Information into Log File

Gallery App Permission Bypass Flaw

CVE-2024-51527 5.5 - Medium - November 05, 2024

Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.

hidebug Module Permission Bypass in Linux Kernel

CVE-2024-51526 5.5 - Medium - November 05, 2024

Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Clipboard Module Permission Bypass in Windows

CVE-2024-51525 5.5 - Medium - November 05, 2024

Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Wi-Fi Module Permission Bypass in Cisco IOS

CVE-2024-51524 5.5 - Medium - November 05, 2024

Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Gallery Module Info Leak in Drupal

CVE-2024-51523 7.5 - High - November 05, 2024

Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Improper Device Info Processing in Cisco DNA Center

CVE-2024-51522 5.5 - Medium - November 05, 2024

Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.

HDC Module Input Validation Bypass

CVE-2024-51520 5.5 - Medium - November 05, 2024

Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.

Service Module Input Validation Flaw in Huawei

CVE-2024-51521 5.5 - Medium - November 05, 2024

Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.

WantAgent Parameter Type Verification Bypass

CVE-2024-51512 5.5 - Medium - November 05, 2024

Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.

WantAgent Parameter Type Verification Bypass

CVE-2024-51511 5.5 - Medium - November 05, 2024

Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.

Logo Module Out-of-Bounds Access in Cisco IOS XE

CVE-2024-51510 5.5 - Medium - November 05, 2024

Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory Corruption

VPN Module Process Termination Flaw

CVE-2024-51513 5.5 - Medium - November 05, 2024

Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.

VPN Module Pop-up Window Hijacking

CVE-2024-51514 5.5 - Medium - November 05, 2024

Vulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Linux Kernel Network Module Race Condition

CVE-2024-51515 4.7 - Medium - November 05, 2024

Race condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.

Race Condition

Permission Bypass in HarmonyOS Ability Module

CVE-2024-51516 5.5 - Medium - November 05, 2024

Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally.

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-9136 7.5 - High - September 27, 2024

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47294 7.5 - High - September 27, 2024

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47293 7.5 - High - September 27, 2024

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Memory Corruption

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-47292 5.5 - Medium - September 27, 2024

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47291 5.5 - Medium - September 27, 2024

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

CVE-2024-47290 5.5 - Medium - September 27, 2024

Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45445 5.5 - Medium - September 04, 2024

Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.

Insufficient Cleanup

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45444 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

CVE-2024-45443 9.1 - Critical - September 04, 2024

Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Directory traversal

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-8298 5.5 - Medium - September 04, 2024

Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45449 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45448 5.5 - Medium - September 04, 2024

Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-45447 5.5 - Medium - September 04, 2024

Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45446 5.5 - Medium - September 04, 2024

Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.

Permission control vulnerability in the software update module

CVE-2024-45450 7.5 - High - September 04, 2024

Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45441 7.5 - High - September 04, 2024

Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability.

Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42039 7.5 - High - September 04, 2024

Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.

CVE-2024-45442 7.5 - High - September 04, 2024

Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.

Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2024-42033 7.1 - High - August 08, 2024

Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42036 7.5 - High - August 08, 2024

Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42037 6.2 - Medium - August 08, 2024

Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.

CVE-2024-42035 7.8 - High - August 08, 2024

Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.

LaunchAnywhere vulnerability in the account module

CVE-2024-42034 5.5 - Medium - August 08, 2024

LaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality

CVE-2024-42038 7.8 - High - August 08, 2024

Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42030 6.2 - Medium - August 08, 2024

Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2024-42032 5.5 - Medium - August 08, 2024

Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the Settings module

CVE-2024-42031 7.5 - High - August 08, 2024

Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availability

CVE-2023-7265 6.2 - Medium - August 08, 2024

Permission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Huawei Harmonyos or by Huawei? Click the Watch button to subscribe.

Huawei
Vendor

subscribe