June

HUAWEI is releasing monthly security updates for flagship models. This security update includes HUAWEI and third-party library patches:

This security update includes the following HUAWEI patches:

CVE Vulnerability Description Impact Severity Affected Version
CVE-2024-58114 Resource allocation control failure vulnerability in the ArkUI framework Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-48904 Vulnerability that cards can call unauthorized APIs in the FRS process Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-48905 Wasm exception capture vulnerability in the arkweb v8 module Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types. High HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-48907 Deserialization vulnerability in the IPC module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-31171 File read permission bypass vulnerability in the kernel file system module Successful exploitation of this vulnerability may affect service confidentiality. Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-48911 Vulnerability of improper permission assignment in the note sharing module Successful exploitation of this vulnerability may affect availability. High HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-48908 Ability Auto Startup service vulnerability in the foundation process Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.2
CVE-2025-48910 Buffer overflow vulnerability in the DFile module Successful exploitation of this vulnerability may affect availability. Medium HarmonyOS5.0.1, HarmonyOS5.0.2

This security update includes the following third-party library patches:

CVE Severity Affected Version
CVE-2025-26691 Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-27247 Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2024-57884 Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2024-58017 Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-21683 Medium HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-23235 Low HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-21082 Low HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-26693 Low HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-27242 Low HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-20063 Low HarmonyOS5.0.1, HarmonyOS5.0.2
CVE-2025-25217 Low HarmonyOS5.0.1, HarmonyOS5.0.2

Updated on: 2025-06-05

Leaving consumer.huawei.com
After clicking the link, you will enter a third-party website. Huawei is not responsible and has no control over this third party website.
Return Continue