October

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2025-58287 Use After Free (UAF) vulnerability in the office service Successful exploitation of this vulnerability may affect service confidentiality. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58288 Denial of service (DoS) vulnerability in the office service Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58298 Data processing error vulnerability in the package management module Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58300 Buffer overflow vulnerability in the device management module Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58301 Buffer overflow vulnerability in the device management module Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-54654 Permission control vulnerability in the Gallery module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58277 Permission verification bypass vulnerability in the Camera app Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58278 Identity authentication bypass vulnerability in the Gallery app Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.0.1
CVE-2025-58282 Permission control vulnerability in the camera module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58283 Permission control vulnerability in the Wi-Fi module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58284 Permission control vulnerability in the network module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58285 Permission control vulnerability in the media module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58286 Denial of service (DoS) vulnerability in the office service Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58290
CVE-2025-58291
CVE-2025-58292
CVE-2025-58295 Buffer overflow vulnerability in the development framework module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58297 Buffer overflow vulnerability in the sensor service Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0
CVE-2025-58299 Use After Free (UAF) vulnerability in the storage management module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58289 Vulnerability of improper exception handling in the print module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-58293 Vulnerability of improper exception handling in the print module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2024-49714 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-26454 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-32321 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-32323 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-32326 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-32349 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48526 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48531 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48535 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48537 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48538 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48543 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48547 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48551 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48552 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48553 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48554 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48556 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48558 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48559 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48562 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-1246 High HarmonyOS4.2.0, HarmonyOS2.0.0, EMUI 14.2.0, EMUI 12.0.0
CVE-2025-021701 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-38352 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-26450 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-38494 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-38495 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-41432 Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-52458 Medium HarmonyOS5.1.0, HarmonyOS5.0.1

Updated on: 2025-10-09

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue