Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
AnalysisAI
Permission control failure in the audio framework of Huawei HarmonyOS and EMUI allows a local attacker with no special privileges, but requiring user interaction, to access confidential audio service data with high confidentiality impact alongside minor integrity and availability effects. The vulnerability stems from improper permission enforcement (CWE-275) within the audio subsystem. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, though the local-attack-vector with user interaction requirement limits mass exploitation.
Technical ContextAI
The affected components are Huawei's HarmonyOS and EMUI mobile operating system platforms, identified by CPE strings cpe:2.3:a:huawei:harmonyos:*:*:*:*:*:*:*:* and cpe:2.3:a:huawei:emui:*:*:*:*:*:*:*:*. The vulnerability resides in the audio framework layer - a privileged system service responsible for managing microphone access, audio playback, and audio routing. CWE-275 (Permission Issues) indicates the root cause is an improper or missing permission check, meaning the audio framework fails to correctly enforce access controls before granting a requesting component or application access to sensitive audio resources. On mobile operating systems like HarmonyOS/EMUI, audio framework services run at elevated privilege levels and broker access between apps and hardware; a permission control flaw here can allow an unprivileged caller to bypass the normal app-permission model (e.g., the RECORD_AUDIO or equivalent HarmonyOS permission gate) and read audio data directly. The wildcard version in both CPE strings indicates that the specific affected version range was not enumerated in the NVD/Huawei CPE data at time of publication.
RemediationAI
The primary remediation is to apply the patch issued by Huawei in the June 2026 Security Bulletin, available at https://consumer.huawei.com/en/support/bulletin/2026/6/ and https://consumer.huawei.com/en/support/bulletinvision/2026/6/. Huawei distributes security fixes via OTA (over-the-air) system updates for HarmonyOS and EMUI devices; administrators should ensure devices receive and apply the June 2026 security patch level. The exact patched version number is not independently confirmed from the available CPE or reference data - consult the bulletin directly for the minimum required firmware or OS version. As a compensating control pending patching, organizations managing fleets of Huawei devices via MDM (Mobile Device Management) should consider restricting third-party app installation and enforcing audio permission policies through device policy to limit the set of processes that can interact with the audio framework. Note that the UI:R requirement means users must be socially engineered or otherwise induced to trigger the vulnerable code path, so user awareness around untrusted applications provides marginal additional protection. No workaround that eliminates the underlying permission flaw is available short of the vendor patch.
Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability
Permission management vulnerability in the PMS module. Rated critical severity (CVSS 9.8), this vulnerability is remotel
Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this
Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this
API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may caus
Vulnerability of defects introduced in the design process in the HiviewTunner module. Rated critical severity (CVSS 9.8)
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Rated critical severity (CVSS 9.8), this vulner
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Rated critical severity (CVSS 9.8)
Improper permission control vulnerability in the Notepad app.Successful exploitation of the vulnerability may lead to pr
Some smartphones have configuration issues. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitab
Some smartphones have the out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is r
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause syst
Same weakness CWE-275 – Permission Issues
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35362
GHSA-jp48-wg33-3cg8