Improper Permission Control in Huawei Theme Setting Module: CVE-2026-28553 April 2026

Improper Permission Control in Huawei Theme Setting Module
CVE-2026-28553 Published on April 13, 2026

Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Vulnerability Analysis

CVE-2026-28553 can be exploited with local system access, requires user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

Permission Issues

Weaknesses in this category are related to improper assignment or handling of permissions.

Products Associated with CVE-2026-28553

stack.watch emails you whenever new vulnerabilities are published in Huawei Harmonyos or Huawei Emui. Just hit a watch button to start following.

Affected Versions

Version 4.3.1 is affected.

Version 4.3.0 is affected.

Version 4.2.0 is affected.

Version 4.0.0 is affected.

Version 15.0.0 is affected.

Version 14.2.0 is affected.