July

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2025-53167 Authentication vulnerability in the distributed collaboration framework module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-53168 Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-53169 Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-53170 Null pointer dereference vulnerability in the application exit cause module Successful exploitation of this vulnerability may affect function stability. Medium HarmonyOS5.1.0
CVE-2024-58117 Stack overflow risk when vector images are parsed during file preview Successful exploitation of this vulnerability may affect the file preview function. High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-53171
CVE-2025-53172
CVE-2025-53173
CVE-2025-53174
CVE-2025-53175
CVE-2025-53176
CVE-2025-53177 Permission bypass vulnerability in the calendar storage module Successful exploitation of this vulnerability may affect the schedule syncing function of watches. Medium HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2025-53178 Permission bypass vulnerability in the calendar storage module Successful exploitation of this vulnerability may affect the schedule reminder function of head units. Medium HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2025-53179 Null pointer dereference vulnerability in the PDF preview module Successful exploitation of this vulnerability may affect function stability. Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-53180
CVE-2025-53181
CVE-2025-53182
CVE-2025-53183
CVE-2025-53184
CVE-2025-53185 Virtual address reuse issue in the memory management module, which can be exploited by non-privileged users to access released memory Successful exploitation of this vulnerability may affect service integrity. Medium HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 14.0.0
CVE-2025-53186 Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2025-26455 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-26448 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-26458 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-26463 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-32312 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-26445 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-26444 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-0072 High HarmonyOS4.2.0
CVE-2025-0427 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 12.0.0
CVE-2024-40653 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49740 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-22431 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-26429 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-22442 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-0050 High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 12.0.0
CVE-2025-24925 Low HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-24844 Low HarmonyOS5.0.1
CVE-2025-26690 Low HarmonyOS5.0.1
CVE-2025-27562 Low HarmonyOS5.0.1
CVE-2025-25212 Low HarmonyOS5.0.1
CVE-2025-21762 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-21764 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-21785 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-21926 Medium HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-21999 High HarmonyOS5.1.0, HarmonyOS5.0.1
CVE-2025-26423 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-26438 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49728 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-22437 High HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS3.0.0, HarmonyOS2.1.0, HarmonyOS2.0.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0

Updated on: 2025-07-05

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue