Huawei HarmonyOS Out-of-Bounds Array Access Vulnerability in Kernel Ambient Light Module

Vulnerability

A vulnerability allowing out-of-bounds array access has been identified in the kernel ambient light module of Huawei HarmonyOS. This issue arises from inadequate data validation, which could lead to unauthorized memory access. The vulnerability affects several versions of HarmonyOS, including HarmonyOS 4.0.0, HarmonyOS 3.1.0, HarmonyOS 3.0.0, EMUI 14.0.0, and EMUI 13.0.0.

Impact

Exploitation of this vulnerability could compromise service confidentiality.

Added: Aug 6, 2025, 4:03 AM

Updated: Aug 6, 2025, 4:03 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

2.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

2.8

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS Out-of-Bounds Array Access Vulnerability in Kernel Ambient Light Module

Vulnerability

Impact

Affected Products

Huawei HarmonyOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating