HUAWEI EMUI security updates March 2024

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Security Bulletins for HUAWEI Phones/Tablets, March 2026

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2026-28536 Authentication bypass vulnerability in the device authentication module Successful exploitation of this vulnerability will affect integrity and confidentiality. Critical HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28537 Double free vulnerability in the window module Successful exploitation of this vulnerability may affect availability. High HarmonyOS6.0.0
CVE-2026-28544 Race condition vulnerability in the printing module Successful exploitation of this vulnerability may affect availability. High HarmonyOS6.0.0
CVE-2026-28545 Race condition vulnerability in the printing module Successful exploitation of this vulnerability may affect availability. High HarmonyOS6.0.0
CVE-2026-28548 Vulnerability of improper verification in the email application Successful exploitation of this vulnerability may affect service confidentiality. High HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS2.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2026-28550 Race condition vulnerability in the security control module Successful exploitation of this vulnerability may affect availability. High HarmonyOS6.0.0
CVE-2026-28552 Out-of-bounds write vulnerability in the IMS module Successful exploitation of this vulnerability may affect availability. High HarmonyOS6.0.0, HarmonyOS5.1.0, HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0
CVE-2025-66319 Permission control vulnerability in the resource scheduling module Successful exploitation of this vulnerability may affect service integrity. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28538 Path traversal vulnerability in the certificate management module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28539 Data processing vulnerability in the certificate management module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28540 Out-of-bounds character read vulnerability in Bluetooth Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28541 Permission control vulnerability in the cellular_data module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28542 Permission bypass vulnerability in the system service framework Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2026-28543 Race condition vulnerability in the maintenance and diagnostics module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-28546 Buffer overflow vulnerability in the scanning module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0
CVE-2026-28547 Vulnerability of uninitialized pointer access in the scanning module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0
CVE-2026-24924 Vulnerability of improper permission control in the print module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS6.0.0
CVE-2026-28549 Race condition vulnerability in the permission management service Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0
CVE-2026-28551 Race condition vulnerability in the device security management module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS6.0.0, HarmonyOS5.1.0

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2025-48631 Critical HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48606 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-48608 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-32319 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2025-48618 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2024-4628 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, HarmonyOS2.0.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0, EMUI 12.0.0
CVE-2024-49711 High HarmonyOS4.3.1, HarmonyOS4.3.0, HarmonyOS4.2.0, HarmonyOS4.0.0, HarmonyOS3.1.0, EMUI 15.0.0, EMUI 14.2.0, EMUI 14.0.0, EMUI 13.0.0
CVE-2025-66293 High HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-65018 High HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-64720 High HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-10200 High HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-22801 Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2026-22695 Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-64505 Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-39902 Medium HarmonyOS6.0.0, HarmonyOS5.1.0
CVE-2025-39756 Medium HarmonyOS6.0.0, HarmonyOS5.1.0

Updated on: 2026-03-05

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Continue Return