CVE-2025-53186

| EUVD-2025-20182 MEDIUM
2025-07-07 [email protected]
5.9
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 16, 2026 - 03:37 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 03:37 euvd
EUVD-2025-20182
CVE Published
Jul 07, 2025 - 03:15 nvd
MEDIUM 5.9

Tags

Privilege Escalation Harmonyos Emui

Description

Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability.

Analysis

Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability.

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Permissions, Privileges, and Access Controls (CWE-264).

Affected Products

Affected products: Huawei Emui 12.0.0, Huawei Harmonyos 2.0.0

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

30
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +30
POC: 0

Share

CVE-2025-53186 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy