Harmonyos
CVE-2024-58107
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.
AnalysisAI
Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-680. Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. Affected products include: Huawei Harmonyos.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Auth bypass in device authentication module.
Permission control vulnerability in the memory management module. Rated critical severity (CVSS 9.3), this vulnerability
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerab
CVE-2025-48906 is an authentication bypass vulnerability in the DSoftBus module that allows unauthenticated attackers on
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerab
Same weakness CWE-680 – Integer Overflow to Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today