Primary

Context

Huawei HarmonyOS and EMUI Permission Bypass Vulnerability in System Service Framework

Vulnerability

A permission bypass vulnerability has been identified in the system service framework of Huawei HarmonyOS and EMUI. This vulnerability affects several versions of HarmonyOS and EMUI, including HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, and EMUI 12.0.0. Successful exploitation of this vulnerability may impact the availability of the affected system or service.

Impact

Exploitation of this vulnerability may lead to a denial-of-service condition, causing the system or service to become unavailable.

Remediation

Users can apply the March 2026 security update, which includes a patch for this vulnerability. Instructions for downloading this update can be found on the Huawei support website.

Added: Mar 5, 2026, 9:20 AM

Updated: Mar 5, 2026, 9:20 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.6

exploitability

3.3

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Huawei HarmonyOS and EMUI Permission Bypass Vulnerability in System Service Framework

Vulnerability

Impact

Remediation

Affected Products

Huawei HarmonyOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating