Primary

Context

Huawei HarmonyOS Permission Control Vulnerability in Distributed Component

Vulnerability

Patched

A permission control vulnerability has been identified in the distributed component of Huawei's HarmonyOS. This vulnerability affects several versions of HarmonyOS, including HarmonyOS 6.0.0, HarmonyOS 5.1.0, HarmonyOS 5.0.1, and earlier versions. The vulnerability arises from inadequate permission controls, which could be exploited to improperly access or manipulate services, potentially leading to unauthorized disclosure of information.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information, compromising service confidentiality.

Remediation

Users can refer to the Huawei November 2025 Security Bulletin for guidance on applying the latest security updates, which address this vulnerability.

Added: Nov 28, 2025, 3:21 AM

Updated: Nov 28, 2025, 3:21 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.7

remediation

7.7

relevance

1.1

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS Permission Control Vulnerability in Distributed Component

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

Huawei EMUI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating