Huawei HarmonyOS 5.0.0 glTF Model Loading Input Validation Vulnerability

Vulnerability

A vulnerability exists in the 3D engine module of Huawei HarmonyOS 5.0.0, where input parameters are not properly validated during the loading of glTF models. This lack of verification could be exploited, potentially leading to issues with the operating system's availability.

Impact

Exploitation of this vulnerability may disrupt the normal availability of the affected system or application.

Remediation

Users can apply the January 2025 security update to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

3.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS 5.0.0 glTF Model Loading Input Validation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

CVSS Scores

References

Vulnerability Rating