Harmonyos
CVE-2025-31173
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
AnalysisAI
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-280. Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality. Affected products include: Huawei Harmonyos.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Auth bypass in device authentication module.
Permission control vulnerability in the memory management module. Rated critical severity (CVSS 9.3), this vulnerability
CVE-2025-48906 is an authentication bypass vulnerability in the DSoftBus module that allows unauthenticated attackers on
Multi-concurrency vulnerability in the media digital copyright protection module Impact: Successful exploitation of this
Deserialization mismatch vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Access control vulnerability in the security verification module Impact: Successful exploitation of this vulnerability w
Permission verification bypass vulnerability in the notification module Impact: Successful exploitation of this vulnerab
Path traversal vulnerability in the virtualization file module. Rated high severity (CVSS 8.4), this vulnerability is lo
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today