Huawei Harmonyos
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Huawei Harmonyos.
By the Year
In 2025 there have been 28 vulnerabilities in Huawei Harmonyos with an average score of 6.9 out of ten. Last year, in 2024 Harmonyos had 141 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Harmonyos in 2025 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.20.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 28 | 6.86 |
2024 | 141 | 6.66 |
2023 | 196 | 7.55 |
2022 | 257 | 7.54 |
2021 | 118 | 7.21 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Harmonyos vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Huawei Harmonyos Security Vulnerabilities
Startup control vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54121
7.5 - High
- January 08, 2025
Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Vulnerability of improper access control in the home screen widget module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56448
7.5 - High
- January 08, 2025
Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.
Privilege escalation vulnerability in the Account module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56449
7.5 - High
- January 08, 2025
Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Buffer overflow vulnerability in the component driver module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56450
5.5 - Medium
- January 08, 2025
Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.
Classic Buffer Overflow
Integer overflow vulnerability during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56451
5.5 - Medium
- January 08, 2025
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Integer Overflow or Wraparound
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56452
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56453
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56454
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56455
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56456
5.5 - Medium
- January 08, 2025
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of improper memory address protection in the HUKS module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56438
7.5 - High
- January 08, 2025
Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.
Access control vulnerability in the identity authentication module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56439
7.5 - High
- January 08, 2025
Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission control vulnerability in the Connectivity module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56440
7.5 - High
- January 08, 2025
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Incorrect Default Permissions
Race condition vulnerability in the Bastet module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56441
5.9 - Medium
- January 08, 2025
Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Race Condition
Vulnerability of native APIs not being implemented in the NFC service module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56442
7.5 - High
- January 08, 2025
Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56443
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56444
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Instruction authentication bypass vulnerability in the Findnetwork module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56445
5.3 - Medium
- January 08, 2025
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
authentification
Vulnerability of variables not being initialized in the notification module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56446
7.5 - High
- January 08, 2025
Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability.
Use of Uninitialized Resource
Vulnerability of improper permission control in the window management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56447
7.5 - High
- January 08, 2025
Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Incorrect Default Permissions
Path traversal vulnerability in the Medialibrary module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2023-52953
9.1 - Critical
- January 08, 2025
Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Directory traversal
Vulnerability of improper permission control in the Gallery module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2023-52954
7.5 - High
- January 08, 2025
Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.
Incorrect Default Permissions
Vulnerability of improper authentication in the ANS system service module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-52955
7.5 - High
- January 08, 2025
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
authentification
Race condition vulnerability in the distributed notification module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54120
5.9 - Medium
- January 08, 2025
Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Race Condition
Vulnerability of input parameters not being verified in the widget framework module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56437
7.5 - High
- January 08, 2025
Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.
UAF vulnerability in the device node access module
Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
CVE-2024-56434
7.5 - High
- January 08, 2025
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56435
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56436
7.5 - High
- January 08, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54119
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Concurrent variable access vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-54122
4.7 - Medium
- December 12, 2024
Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.
Race Condition
Vulnerability of improper access control in the secure input module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54100
7.5 - High
- December 12, 2024
Vulnerability of improper access control in the secure input module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Race condition vulnerability in the DDR module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54102
5.9 - Medium
- December 12, 2024
Race condition vulnerability in the DDR module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Race Condition
Vulnerability of improper access control in the MTP module
Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
CVE-2024-54096
5.5 - Medium
- December 12, 2024
Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy.
Security vulnerability in the HiView module
Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
CVE-2024-54097
7.5 - High
- December 12, 2024
Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
Service logic error vulnerability in the system service module
Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2024-54098
7.5 - High
- December 12, 2024
Service logic error vulnerability in the system service module Impact: Successful exploitation of this vulnerability may affect service integrity.
File replacement vulnerability on some devices
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-54099
7.1 - High
- December 12, 2024
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Vulnerability of improper access control in the album module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54103
7.5 - High
- December 12, 2024
Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54104
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54105
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Classic Buffer Overflow
Null pointer dereference vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54106
7.5 - High
- December 12, 2024
Null pointer dereference vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
NULL Pointer Dereference
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54107
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54108
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54109
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54110
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54111
7.5 - High
- December 12, 2024
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability.
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54112
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Process residence vulnerability in abnormal scenarios in the print module
Impact: Successful exploitation of this vulnerability may affect power consumption.
CVE-2024-54113
7.5 - High
- December 12, 2024
Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect power consumption.
Out-of-bounds access vulnerability in playback in the DASH module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54114
7.5 - High
- December 12, 2024
Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Out-of-bounds Read
Out-of-bounds read vulnerability in the DASH module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-54115
7.5 - High
- December 12, 2024
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Out-of-bounds Read
Out-of-bounds read vulnerability in the M3U8 module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-54116
7.5 - High
- December 12, 2024
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
Out-of-bounds Read
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54117
7.5 - High
- December 12, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
LaunchAnywhere Account Module Privilege Escalation
CVE-2024-51530
5.5 - Medium
- November 05, 2024
LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Battery Module Data Verification Flaw in Tesla Powerwall
CVE-2024-51529
5.5 - Medium
- November 05, 2024
Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.
HDC Module Input Validation Bypass in Cisco IOS
CVE-2024-51519
5.5 - Medium
- November 05, 2024
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
Unverified Message Type in Advanced Messaging Module
CVE-2024-51518
7.5 - High
- November 05, 2024
Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability.
Samsung Phone Service Memory Access Flaw
CVE-2024-51517
5.5 - Medium
- November 05, 2024
Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability.
out-of-bounds array index
Super Home Screen Log Injection Flaw
CVE-2024-51528
5.5 - Medium
- November 05, 2024
Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Insertion of Sensitive Information into Log File
Gallery App Permission Bypass Flaw
CVE-2024-51527
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.
hidebug Module Permission Bypass in Linux Kernel
CVE-2024-51526
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Clipboard Module Permission Bypass in Windows
CVE-2024-51525
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Wi-Fi Module Permission Bypass in Cisco IOS
CVE-2024-51524
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Gallery Module Info Leak in Drupal
CVE-2024-51523
7.5 - High
- November 05, 2024
Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Improper Device Info Processing in Cisco DNA Center
CVE-2024-51522
5.5 - Medium
- November 05, 2024
Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.
HDC Module Input Validation Bypass
CVE-2024-51520
5.5 - Medium
- November 05, 2024
Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.
Service Module Input Validation Flaw in Huawei
CVE-2024-51521
5.5 - Medium
- November 05, 2024
Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.
WantAgent Parameter Type Verification Bypass
CVE-2024-51512
5.5 - Medium
- November 05, 2024
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.
WantAgent Parameter Type Verification Bypass
CVE-2024-51511
5.5 - Medium
- November 05, 2024
Vulnerability of parameter type not being verified in the WantAgent module Impact: Successful exploitation of this vulnerability may affect availability.
Logo Module Out-of-Bounds Access in Cisco IOS XE
CVE-2024-51510
5.5 - Medium
- November 05, 2024
Out-of-bounds access vulnerability in the logo module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Memory Corruption
VPN Module Process Termination Flaw
CVE-2024-51513
5.5 - Medium
- November 05, 2024
Vulnerability of processes not being fully terminated in the VPN module Impact: Successful exploitation of this vulnerability will affect power consumption.
VPN Module Pop-up Window Hijacking
CVE-2024-51514
5.5 - Medium
- November 05, 2024
Vulnerability of pop-up windows belonging to no app in the VPN module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Linux Kernel Network Module Race Condition
CVE-2024-51515
4.7 - Medium
- November 05, 2024
Race condition vulnerability in the kernel network module Impact:Successful exploitation of this vulnerability may affect availability.
Race Condition
Permission Bypass in HarmonyOS Ability Module
CVE-2024-51516
5.5 - Medium
- November 05, 2024
Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally.
Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-9136
7.5 - High
- September 27, 2024
Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the input method framework module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47294
7.5 - High
- September 27, 2024
Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.
Out-of-bounds write vulnerability in the HAL-WIFI module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47293
7.5 - High
- September 27, 2024
Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.
Memory Corruption
Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-47292
5.5 - Medium
- September 27, 2024
Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Directory traversal
Permission vulnerability in the ActivityManagerService (AMS) module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47291
5.5 - Medium
- September 27, 2024
Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.
Input validation vulnerability in the USB service module
Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-47290
5.5 - Medium
- September 27, 2024
Input validation vulnerability in the USB service module Impact: Successful exploitation of this vulnerability may affect availability.
Vulnerability of resources not being closed or released in the keystore module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45445
5.5 - Medium
- September 04, 2024
Vulnerability of resources not being closed or released in the keystore module Impact: Successful exploitation of this vulnerability will affect availability.
Insufficient Cleanup
Access permission verification vulnerability in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45444
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Directory traversal vulnerability in the cust module
Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2024-45443
9.1 - Critical
- September 04, 2024
Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Directory traversal
Memory request vulnerability in the memory management module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-8298
5.5 - Medium
- September 04, 2024
Memory request vulnerability in the memory management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the ringtone setting module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45449
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the ringtone setting module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Page table protection configuration vulnerability in the trusted firmware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45448
5.5 - Medium
- September 04, 2024
Page table protection configuration vulnerability in the trusted firmware module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access control vulnerability in the camera framework module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-45447
5.5 - Medium
- September 04, 2024
Access control vulnerability in the camera framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the camera driver module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45446
5.5 - Medium
- September 04, 2024
Access permission verification vulnerability in the camera driver module Impact: Successful exploitation of this vulnerability will affect availability.
Permission control vulnerability in the software update module
CVE-2024-45450
7.5 - High
- September 04, 2024
Permission control vulnerability in the software update module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Input verification vulnerability in the system service module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45441
7.5 - High
- September 04, 2024
Input verification vulnerability in the system service module Impact: Successful exploitation of this vulnerability will affect availability.
Access control vulnerability in the SystemUI module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42039
7.5 - High
- September 04, 2024
Access control vulnerability in the SystemUI module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Vulnerability of permission verification for APIs in the DownloadProviderMain module
Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45442
7.5 - High
- September 04, 2024
Vulnerability of permission verification for APIs in the DownloadProviderMain module Impact: Successful exploitation of this vulnerability will affect availability.
Access control vulnerability in the security verification module
mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-42033
7.1 - High
- August 08, 2024
Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42036
7.5 - High
- August 08, 2024
Access permission verification vulnerability in the Notepad module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Vulnerability of uncaught exceptions in the Graphics module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42037
6.2 - Medium
- August 08, 2024
Vulnerability of uncaught exceptions in the Graphics module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission control vulnerability in the App Multiplier module
Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.
CVE-2024-42035
7.8 - High
- August 08, 2024
Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.
LaunchAnywhere vulnerability in the account module
CVE-2024-42034
5.5 - Medium
- August 08, 2024
LaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Vulnerability of PIN enhancement failures in the screen lock module
Impact: Successful exploitation of this vulnerability may affect service confidentiality
CVE-2024-42038
7.8 - High
- August 08, 2024
Vulnerability of PIN enhancement failures in the screen lock module Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
Access permission verification vulnerability in the content sharing pop-up module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42030
6.2 - Medium
- August 08, 2024
Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the Contacts module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42032
5.5 - Medium
- August 08, 2024
Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Access permission verification vulnerability in the Settings module
CVE-2024-42031
7.5 - High
- August 08, 2024
Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission verification vulnerability in the lock screen module
Impact: Successful exploitation of this vulnerability may affect availability
CVE-2023-7265
6.2 - Medium
- August 08, 2024
Permission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availability
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Huawei Harmonyos or by Huawei? Click the Watch button to subscribe.