Severity by source
AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.
AnalysisAI
Permission bypass in Huawei HarmonyOS and EMUI LBS (Location-Based Services) module enables highly-privileged local attackers with user interaction to achieve full compromise across security contexts (confidentiality, integrity, availability impact). CVSS 7.7 HIGH severity. No public exploit identified at time of analysis. Attack requires local access, high privileges (administrator/root), user interaction, but succeeds with low complexity once prerequisites met. Scope change (S:C) indicates container escape or privilege boundary violation beyond the vulnerable component.
Technical ContextAI
This vulnerability affects the Location-Based Services (LBS) module in Huawei's mobile operating systems (HarmonyOS and EMUI). The root cause is CWE-270 (Privilege Context Switching Error), indicating improper handling of privilege boundaries when transitioning between security contexts. LBS modules typically manage GPS/location data and related permissions-a permission bypass here could allow malicious apps or processes to circumvent Android/HarmonyOS permission models. The Changed scope (S:C) in the CVSS vector indicates the vulnerability allows impact beyond the vulnerable component's security authority, suggesting privilege escalation or sandbox escape. The requirement for high privileges (PR:H) and user interaction (UI:R) suggests this may involve tricking an administrator into installing a malicious configuration profile, MDM payload, or system-level application that then exploits the LBS permission flaw.
RemediationAI
Apply vendor-released security updates per Huawei's April 2026 security bulletin available at https://consumer.huawei.com/en/support/bulletin/2026/4/ and https://consumer.huawei.com/en/support/bulletinvision/2026/4/. Exact patched versions not independently confirmed from available data; users must check Huawei's official advisory for model-specific update packages. Until patching, mitigations include restricting installation of system-level applications to trusted sources only, disabling unknown sources in device settings, auditing MDM profiles and device administrator permissions, and limiting physical device access. Enterprise deployments should review MDM administrator privilege assignments and enable endpoint detection monitoring for abnormal LBS permission requests.
Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability
Permission management vulnerability in the PMS module. Rated critical severity (CVSS 9.8), this vulnerability is remotel
Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this
Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this
API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may caus
Vulnerability of defects introduced in the design process in the HiviewTunner module. Rated critical severity (CVSS 9.8)
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Rated critical severity (CVSS 9.8), this vulner
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Rated critical severity (CVSS 9.8)
Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to pr
Some smartphones have configuration issues. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitab
Some smartphones have the out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is r
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause syst
Same weakness CWE-270 – Privilege Context Switching Error
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-21798
GHSA-gmm9-3v86-m9wj