Primary

Context

Huawei HarmonyOS ArkUI Framework Buffer Overflow Vulnerability in SVG Parsing Module

Vulnerability

Patched

A buffer overflow vulnerability has been identified in the SVG parsing module of the ArkUI framework within Huawei's HarmonyOS. This vulnerability, present in HarmonyOS 5.0.0, can be exploited to cause a buffer overflow, potentially leading to arbitrary code execution or other unintended behavior.

Impact

Exploitation of this vulnerability can lead to a buffer overflow, which may be used to execute arbitrary code or cause a crash, disrupting service availability.

Remediation

Users can refer to the Huawei Security Bulletin for April 2025 for guidance on applying the latest security updates that address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS ArkUI Framework Buffer Overflow Vulnerability in SVG Parsing Module

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating