Security Bulletins for HUAWEI PCs, November 2025
HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:
This security update includes the following HUAWEI patches:
| CVE | Vulnerability Description | Impact | Severity | Affected Version |
|---|---|---|---|---|
| CVE-2025-64314 | Permission control vulnerability in the memory management module | Successful exploitation of this vulnerability may affect confidentiality. | Critical | HarmonyOS5.1.0 |
| CVE-2025-64315 | Configuration defect vulnerability in the file management module | Successful exploitation of this vulnerability may affect app data confidentiality and integrity. | High | HarmonyOS5.1.0 |
| CVE-2025-58303 | UAF vulnerability in the screen recording framework module | Successful exploitation of this vulnerability may affect availability. | High | HarmonyOS5.1.0 |
| CVE-2025-58306 | UAF vulnerability in the playback framework module | Successful exploitation of this vulnerability may affect availability. | High | HarmonyOS5.1.0 |
| CVE-2025-58316 | DoS vulnerability in the video-related system service module | Successful exploitation of this vulnerability may affect availability. | High | HarmonyOS5.1.0 |
| CVE-2025-58307 | UAF vulnerability in the screen recording framework module | Successful exploitation of this vulnerability may affect availability. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58309 | Permission control vulnerability in the startup recovery module | Successful exploitation of this vulnerability will affect availability and confidentiality. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58310 | Permission control vulnerability in the distributed component | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58312 | Permission control vulnerability in the App Lock module | Successful exploitation of this vulnerability may affect availability. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58314 | Vulnerability of accessing invalid memory in the component driver module | Successful exploitation of this vulnerability will affect availability and confidentiality. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58315 | Permission control vulnerability in the Wi-Fi module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.1.0 |
| CVE-2025-64311 | Permission control vulnerability in the Notepad module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.1.0 |
| CVE-2025-64313 | Denial of service (DoS) vulnerability in the office service | Successful exploitation of this vulnerability may affect availability. | Medium | HarmonyOS5.1.0 |
| CVE-2025-58294 | Permission control vulnerability in the print module | Successful exploitation of this vulnerability may affect service confidentiality. | Medium | HarmonyOS5.1.0 |
This security update includes the following third-party library patches:
| CVE | Severity | Affected Version |
|---|---|---|
| CVE-2025-38555 | High | HarmonyOS5.1.0 |
| CVE-2025-25277 | Medium | HarmonyOS5.1.0 |
| CVE-2025-38342 | Medium | HarmonyOS5.1.0 |
| CVE-2025-38668 | Medium | HarmonyOS5.1.0 |
| CVE-2025-27809 | Medium | HarmonyOS5.1.0 |
| CVE-2025-38617 | Low | HarmonyOS5.1.0 |
Updated on: 2025-11-05