April

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2025-31170 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. High HarmonyOS5.0.0, HarmonyOS4.3.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2025-31172 Memory write permission bypass vulnerability in the kernel futex module Successful exploitation of this vulnerability may affect service confidentiality. High HarmonyOS5.0.0
CVE-2025-31173 Memory write permission bypass vulnerability in the kernel futex module Successful exploitation of this vulnerability may affect service confidentiality. High HarmonyOS5.0.0
CVE-2025-31175 Deserialization mismatch vulnerability in the DSoftBus module Successful exploitation of this vulnerability may affect service integrity. High HarmonyOS2.0.0, HarmonyOS2.1.0, HarmonyOS3.0.0, HarmonyOS3.1.0, HarmonyOS4.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-58111 Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.0
CVE-2024-58112 Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.0
CVE-2024-58113 Vulnerability of improper resource management in the memory management module Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.0
CVE-2024-58115 Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.0
CVE-2024-58116 Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.0
CVE-2024-58124 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. High HarmonyOS4.0.0, EMUI 14.0.0
CVE-2024-58125 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. High HarmonyOS4.3.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2024-58126 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. High HarmonyOS4.3.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2024-58127 Access control vulnerability in the security verification module Successful exploitation of this vulnerability will affect integrity and confidentiality. High HarmonyOS4.3.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2024-58106 Buffer overflow vulnerability in the codec module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.0
CVE-2024-58107 Buffer overflow vulnerability in the codec module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.0
CVE-2024-58108 Buffer overflow vulnerability in the codec module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.0
CVE-2024-58109 Buffer overflow vulnerability in the codec module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.0
CVE-2024-58110 Buffer overflow vulnerability in the codec module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.0
CVE-2025-31171 File read permission bypass vulnerability in the kernel file system module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.0.0
CVE-2025-31174 Path traversal vulnerability in the DFS module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.0.0

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2025-0081 Critical HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-0086 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-0078 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-53014 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49836 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-53024 High HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49838 High HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-49746 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49738 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49745 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2023-52501 High HarmonyOS5.0.0
CVE-2024-56600 High HarmonyOS5.0.0
CVE-2024-56601 High HarmonyOS5.0.0
CVE-2024-56606 High HarmonyOS5.0.0
CVE-2024-26878 Medium HarmonyOS5.0.0
CVE-2024-27047 Medium HarmonyOS5.0.0
CVE-2024-41055 Medium HarmonyOS5.0.0
CVE-2024-47668 Medium HarmonyOS5.0.0
CVE-2024-57874 Medium HarmonyOS5.0.0
CVE-2024-13176 Medium HarmonyOS5.0.0
CVE-2024-46826 Medium HarmonyOS5.0.0
CVE-2025-20102 Low HarmonyOS5.0.0
CVE-2025-22452 Low HarmonyOS5.0.0
CVE-2025-22842 Low HarmonyOS5.0.0
CVE-2025-24304 Low HarmonyOS5.0.0
CVE-2025-27534 Low HarmonyOS5.0.0
CVE-2024-56644 Low HarmonyOS5.0.0

Updated on: 2025-04-05

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue