Primary

Context

Huawei HarmonyOS Out-of-Bounds Array Read Vulnerability in FFRT Module

Vulnerability

Patched

A vulnerability allowing out-of-bounds array read has been identified in the FFRT module of Huawei's HarmonyOS. This vulnerability is present in several versions, including HarmonyOS5.0.0, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, and EMUI 14.0.0. Successful exploitation of this vulnerability may lead to abnormal feature performance.

Impact

Exploitation of this vulnerability may cause features to function improperly.

Remediation

Users can apply the February 2025 security update, which includes a patch for this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS Out-of-Bounds Array Read Vulnerability in FFRT Module

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

Huawei EMUI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating