Skip to main content

Pcmanager EUVDEUVD-2026-24065

| CVE-2026-31369 LOW
Improper Privilege Management (CWE-269)
2026-04-21 Honor
3.2
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.2 LOW
AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Analysis Generated
Apr 21, 2026 - 07:26 vuln.today
EUVD ID Assigned
Apr 21, 2026 - 07:15 euvd
EUVD-2026-24065
Analysis Generated
Apr 21, 2026 - 07:15 vuln.today
CVE Published
Apr 21, 2026 - 06:26 nvd
LOW 3.2

DescriptionCVE.org

PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability

AnalysisAI

Honor PcManager contains a privilege bypass vulnerability allowing local attackers without privileges to impact service availability through a type-confusion mechanism. The vulnerability requires high attack complexity and local access, resulting in a CVSS 3.2 (low severity) score with confidentiality and integrity impact ruled out. No active exploitation or public exploit code has been identified at the time of analysis.

Technical ContextAI

PcManager is Honor's system management utility (CPE: cpe:2.3:a:honor:pcmanager:*:*:*:*:*:*:*:*) running on local systems. The vulnerability stems from a type-related privilege bypass mechanism-likely involving improper type handling, type confusion, or weak type validation in privilege-escalation code paths. The local attack vector (AV:L) and high attack complexity (AC:H) suggest the exploit requires specific system conditions, precise timing, or particular input crafting to trigger the type confusion. CWE classification is not provided, limiting root-cause analysis, but privilege bypass vulnerabilities in system utilities typically involve incorrect privilege level checks or type-based security boundary violations.

RemediationAI

Contact Honor support or visit https://www.honor.com/global/security/CVE-2026-31369/ to obtain the patched version of PcManager-exact version number not yet identified in this analysis. If immediate patching is delayed, restrict local user access to affected systems to trusted administrators only, and monitor process execution of PcManager for anomalous activity indicating exploitation attempts. If PcManager runs with elevated privileges, consider deploying application-level access controls or privilege-dropping mechanisms to reduce blast radius if the vulnerability is exploited. Note that these mitigations do not eliminate the underlying flaw and should be temporary measures pending patch deployment.

CVE-2025-63946 HIGH POC
7.4 Feb 23

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables

CVE-2022-1513 HIGH
8.8 Aug 23

A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution wh

CVE-2025-2501 HIGH
8.5 May 30

An untrusted search path vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate pr

CVE-2025-2502 HIGH
8.5 May 30

An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to ele

CVE-2022-0192 HIGH
7.8 Apr 22

A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege

CVE-2021-3550 HIGH
7.8 Jul 16

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privil

CVE-2021-3464 HIGH
7.8 Apr 27

A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow privil

CVE-2020-8351 HIGH
7.8 Nov 30

A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an a

CVE-2020-1817 HIGH
7.8 Apr 30

Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Rated high severity (CVS

CVE-2020-1844 HIGH
7.8 Feb 28

PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. R

CVE-2019-5223 HIGH
7.8 Aug 13

PCManager 9.1.3.1 has an improper authentication vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no

CVE-2019-5242 HIGH
7.8 Jun 06

There is a code execution vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. Rated high severit

Share

EUVD-2026-24065 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy