Harmonyos
CVE-2024-58045
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability.
AnalysisAI
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-362. Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this vulnerability may affect availability. Affected products include: Huawei Harmonyos.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Auth bypass in device authentication module.
Permission control vulnerability in the memory management module. Rated critical severity (CVSS 9.3), this vulnerability
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerab
CVE-2025-48906 is an authentication bypass vulnerability in the DSoftBus module that allows unauthenticated attackers on
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerab
Path traversal vulnerability in the virtualization file module. Rated high severity (CVSS 8.4), this vulnerability is lo
Same weakness CWE-362 – Race Condition
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today