Primary

Context

Huawei HarmonyOS Privilege Escalation Vulnerability in the Account Module

Vulnerability

Patched

A privilege escalation vulnerability has been identified in the Account module of Huawei's HarmonyOS. This vulnerability affects several versions of HarmonyOS, including 4.2.0, 4.0.0, 3.0.0, 3.1.0, 2.0.0, 2.1.0, as well as EMUI 14.0.0, 13.0.0, and 12.0.0. Successful exploitation of this vulnerability may impact service confidentiality.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, potentially allowing users to gain elevated rights or access sensitive information.

Remediation

Users can refer to the January 2025 Huawei Security Bulletin for guidance on applying the latest security updates that address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS Privilege Escalation Vulnerability in the Account Module

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

Huawei EMUI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating