Skip to main content

OpenHarmony EUVDEUVD-2026-30829

| CVE-2026-27648 HIGH
Out-of-bounds Write (CWE-787)
2026-05-19 OpenHarmony GHSA-fpp4-pf9w-p6rr
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 19, 2026 - 03:46 vuln.today

DescriptionCVE.org

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

AnalysisAI

Arbitrary code execution in OpenHarmony v6.0 and earlier enables remote attackers with low privileges to execute code within pre-installed apps via an out-of-bounds write (CWE-787). The CVSS 8.8 vector reflects network-reachable exploitation with low complexity and no user interaction once minimal privileges are obtained, yielding high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Technical ContextAI

OpenHarmony is an open-source distributed operating system stewarded by the OpenAtom Foundation, deployed across IoT, smart-home, wearable, automotive, and mobile-class devices, with pre-installed system apps that run with elevated platform privileges. The root cause is CWE-787 (out-of-bounds write) - a memory-safety class in which untrusted input causes the program to write past an allocated buffer boundary, corrupting adjacent heap or stack memory and enabling control-flow hijack when crafted data overwrites function pointers, return addresses, or object vtables. The CPE cpe:2.3:a:openharmony:openharmony:*:*:*:*:*:*:*:* indicates the flaw resides in the OpenHarmony platform itself rather than a third-party component, and the 'pre-installed apps' wording implies the vulnerable code path is reachable through application surfaces shipped by default with the OS image.

RemediationAI

Upgrade to a release later than OpenHarmony v6.0 once the OpenAtom Foundation publishes a fixed build; the input does not include an explicit fix version, so this should be treated as 'Patch available per vendor advisory' and the exact target version must be read from the OpenHarmony April 2026 security bulletin at https://gitcode.com/openharmony/security/tree/master/zh/security-disclosure/2026/2026-04.md. Until a patched firmware image is deployed, restrict network exposure of affected devices by placing them on isolated VLANs that block inbound connections from untrusted networks, disable or remove non-essential pre-installed apps if the OEM build permits it, and constrain which local accounts can install or interact with vulnerable components (since exploitation requires PR:L). Note that VLAN segmentation breaks remote-management tooling and removing pre-installed apps may degrade vendor-supplied features such as OTA updates or telemetry, so validate these controls in a pilot fleet before broad rollout.

CVE-2024-37185 CRITICAL
9.8 Jul 02

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through

CVE-2024-37077 CRITICAL
9.8 Jul 02

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through

CVE-2024-37030 CRITICAL
9.8 Jul 02

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through

CVE-2024-36260 CRITICAL
9.8 Jul 02

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through

CVE-2024-36243 CRITICAL
9.8 Jul 02

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through

CVE-2025-0303 HIGH
8.8 Feb 07

in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sens

CVE-2024-29074 HIGH
8.8 Apr 02

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper in

CVE-2024-22098 HIGH
8.8 Apr 02

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after f

CVE-2024-21860 HIGH
8.8 Feb 02

in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use aft

CVE-2022-42463 HIGH
8.8 Oct 14

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softb

CVE-2022-38700 HIGH
8.8 Sep 09

OpenHarmony-v3.1.1 and prior versions have a permission bypass vulnerability. Rated high severity (CVSS 8.8), this vulne

CVE-2026-25781 HIGH
8.4 May 19

Out-of-bounds write in OpenHarmony v6.0 and earlier enables a local low-privileged attacker to corrupt memory and trigge

Share

EUVD-2026-30829 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy