Openharmony
Monthly
Signal handler race condition in OpenHarmony v6.0 and prior enables a local, low-privileged attacker to cause a denial-of-service condition. The vulnerability (CWE-364) produces only low availability impact per the CVSS vector, with no confidentiality or integrity loss confirmed. No public exploit code or CISA KEV listing exists at time of analysis, placing this in a low-urgency tier despite the low attack complexity.
Use-After-Free memory corruption in OpenHarmony v6.0 and prior enables a local attacker with low privileges to execute arbitrary code, achieving a changed scope with high availability impact. The vulnerability is rooted in CWE-416, where freed memory regions are accessed without proper lifecycle management, a class of flaw frequently exploitable for control-flow hijacking. No public exploit code or CISA KEV listing has been identified at time of analysis, though the OpenHarmony security team has published a formal disclosure.
Information disclosure in OpenHarmony v6.0 and earlier enables a low-privileged local attacker to leak high-sensitivity data from the system without any user interaction. The root cause is a signal handler race condition (CWE-364), where asynchronous signal delivery can expose protected memory contents while leaving system integrity and availability unaffected. No public exploit code has been identified at the time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
OpenHarmony v6.0 and prior versions expose sensitive information to local low-privileged attackers due to improper preservation of permissions (CWE-281). A locally authenticated attacker with standard user privileges can exploit this flaw to leak confidential data - achieving high confidentiality impact - without requiring elevated rights or user interaction. No public exploit code or active exploitation has been identified at time of analysis, but the low complexity and no-interaction-required nature of the attack make it straightforward to exploit once access is obtained.
Out-of-bounds write in OpenHarmony v6.0 and earlier enables a local low-privileged attacker to corrupt memory and trigger an unrecoverable denial-of-service condition on affected devices. The flaw was disclosed by the OpenHarmony project itself, and no public exploit identified at time of analysis. Although CVSS scores it 8.4 (High) due to scope change and high confidentiality/integrity impact, the vector indicates local-only access with low privileges already required.
Local denial-of-service in OpenHarmony v6.0 and prior versions exploits an improper input validation flaw (CWE-20), allowing a low-privileged local attacker to partially disrupt availability without requiring user interaction. The CVSS score of 3.3 (Low) reflects constrained impact: availability impact is rated Low (A:L), with no confidentiality or integrity loss. No public exploit code and no CISA KEV listing have been identified at time of analysis, placing this in the lower tier of operational urgency.
Integer overflow in OpenHarmony v6.0 and prior versions enables a local authenticated attacker to trigger a denial-of-service condition, resulting in an availability impact. The vulnerability is low severity with a CVSS score of 3.3, requires local access with low privileges, and no public exploit or active exploitation has been identified at time of analysis. Notably, the CVE tags include 'Information Disclosure' despite the CVSS vector indicating no confidentiality impact (C:N), a discrepancy that warrants vendor clarification.
Arbitrary code execution in OpenHarmony v6.0 and earlier enables remote attackers with low privileges to execute code within pre-installed apps via an out-of-bounds write (CWE-787). The CVSS 8.8 vector reflects network-reachable exploitation with low complexity and no user interaction once minimal privileges are obtained, yielding high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
NULL pointer dereference in OpenHarmony v6.0 and prior enables a local low-privileged attacker to crash the system or an affected process, causing a denial-of-service condition. The vulnerability is confined to local exploitation with no confidentiality or integrity impact, as reflected in the CVSS:3.1 score of 3.3 (Low). No public exploit code has been identified at time of analysis, and no active exploitation has been reported.
Remote code execution in OpenHarmony v6.0 and prior versions allows authenticated remote attackers to execute arbitrary code within pre-installed applications through a race condition flaw (CWE-364). The CVSS 8.1 score reflects high confidentiality and availability impact but no integrity impact, and no public exploit has been identified at time of analysis. The vulnerability requires low privileges but no user interaction, making it exploitable across OpenHarmony's distributed device ecosystem including smart devices, wearables, and IoT endpoints running the open-source operating system.
OpenHarmony versions 5.1.0 and prior contain an improper input validation vulnerability (CWE-20) that allows local attackers with low privileges to trigger a denial of service condition. An authenticated local user can craft malicious input that causes the system to become unresponsive or crash, requiring manual intervention to restore availability. While this vulnerability has a moderate CVSS score of 5.0, the local-only attack vector and requirement for user interaction limit widespread exploitation risk.
OpenHarmony v5.0.3 and prior versions contain an improper input validation vulnerability (CWE-20) that allows a local attacker with limited privileges to read sensitive information from the system. The vulnerability carries a CVSS score of 3.3 with low attack complexity and requires local access and low privileges, indicating a confined risk profile suitable only for restricted exploitation scenarios. While the CVSS vector does not indicate active exploitation or widespread POC availability based on the provided data, the information disclosure impact warrants attention in environments where local privilege escalation chains may amplify the risk.
An out-of-bounds write vulnerability (CWE-787) exists in OpenHarmony versions up to and including v5.1.0, enabling local attackers to execute arbitrary code within pre-installed applications. The vulnerability requires local access and low privileges but can result in complete confidentiality compromise. This is a memory corruption issue that, while restricted to specific scenarios, poses a meaningful risk to OpenHarmony device security given the local attack vector and high impact on confidentiality.
An out-of-bounds write vulnerability in OpenHarmony v5.1.0 and earlier versions allows local attackers with limited privileges to achieve arbitrary code execution within pre-installed applications through memory corruption. The vulnerability, tracked as CVE-2025-41432 and assigned CVSS 5.5, exploits CWE-787 (out-of-bounds write) and is limited to restricted attack scenarios that require local access and low privilege levels. While not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, the availability of vulnerability disclosure documentation and the nature of memory corruption bugs suggest heightened risk for motivated threat actors.
This vulnerability allows arbitrary code execution in OpenHarmony pre-installed applications through improper handling of incompatible types, enabling local attackers to escalate privileges and execute arbitrary code within the context of trusted system applications. Affected versions include OpenHarmony v5.0.3 through v5.1.0.x, impacting the core application framework across the OpenHarmony ecosystem. While the CVSS score of 6.3 reflects moderate severity, the vulnerability requires local access and high attack complexity, limiting real-world exploitability to restricted scenarios as noted by the vendor.
OpenHarmony versions 5.0.3 and earlier contain an information disclosure vulnerability caused by use of uninitialized resources, allowing local attackers to leak sensitive case-sensitive data. The vulnerability affects OpenHarmony deployments across all product lines up to v5.0.3.x (per EUVD-2025-208673). An attacker with local access and standard user privileges can read uninitialized memory regions to obtain confidential information without requiring user interaction, though there is no indication of active exploitation in public KEV databases at this time.
This vulnerability is a memory leak in OpenHarmony v6.0 and prior versions that allows a local, low-privileged attacker to trigger a denial-of-service condition by preventing proper memory release during runtime operations. An authenticated local user without special privileges can exhaust system memory through repeated triggering of the affected code path, causing application or system instability. The low CVSS score of 3.3 reflects the limited scope (local access only, no confidentiality or integrity impact), but the underlying memory management flaw (CWE-401: Missing Release of Memory) is a classic stability threat in systems software.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Signal handler race condition in OpenHarmony v6.0 and prior enables a local, low-privileged attacker to cause a denial-of-service condition. The vulnerability (CWE-364) produces only low availability impact per the CVSS vector, with no confidentiality or integrity loss confirmed. No public exploit code or CISA KEV listing exists at time of analysis, placing this in a low-urgency tier despite the low attack complexity.
Use-After-Free memory corruption in OpenHarmony v6.0 and prior enables a local attacker with low privileges to execute arbitrary code, achieving a changed scope with high availability impact. The vulnerability is rooted in CWE-416, where freed memory regions are accessed without proper lifecycle management, a class of flaw frequently exploitable for control-flow hijacking. No public exploit code or CISA KEV listing has been identified at time of analysis, though the OpenHarmony security team has published a formal disclosure.
Information disclosure in OpenHarmony v6.0 and earlier enables a low-privileged local attacker to leak high-sensitivity data from the system without any user interaction. The root cause is a signal handler race condition (CWE-364), where asynchronous signal delivery can expose protected memory contents while leaving system integrity and availability unaffected. No public exploit code has been identified at the time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
OpenHarmony v6.0 and prior versions expose sensitive information to local low-privileged attackers due to improper preservation of permissions (CWE-281). A locally authenticated attacker with standard user privileges can exploit this flaw to leak confidential data - achieving high confidentiality impact - without requiring elevated rights or user interaction. No public exploit code or active exploitation has been identified at time of analysis, but the low complexity and no-interaction-required nature of the attack make it straightforward to exploit once access is obtained.
Out-of-bounds write in OpenHarmony v6.0 and earlier enables a local low-privileged attacker to corrupt memory and trigger an unrecoverable denial-of-service condition on affected devices. The flaw was disclosed by the OpenHarmony project itself, and no public exploit identified at time of analysis. Although CVSS scores it 8.4 (High) due to scope change and high confidentiality/integrity impact, the vector indicates local-only access with low privileges already required.
Local denial-of-service in OpenHarmony v6.0 and prior versions exploits an improper input validation flaw (CWE-20), allowing a low-privileged local attacker to partially disrupt availability without requiring user interaction. The CVSS score of 3.3 (Low) reflects constrained impact: availability impact is rated Low (A:L), with no confidentiality or integrity loss. No public exploit code and no CISA KEV listing have been identified at time of analysis, placing this in the lower tier of operational urgency.
Integer overflow in OpenHarmony v6.0 and prior versions enables a local authenticated attacker to trigger a denial-of-service condition, resulting in an availability impact. The vulnerability is low severity with a CVSS score of 3.3, requires local access with low privileges, and no public exploit or active exploitation has been identified at time of analysis. Notably, the CVE tags include 'Information Disclosure' despite the CVSS vector indicating no confidentiality impact (C:N), a discrepancy that warrants vendor clarification.
Arbitrary code execution in OpenHarmony v6.0 and earlier enables remote attackers with low privileges to execute code within pre-installed apps via an out-of-bounds write (CWE-787). The CVSS 8.8 vector reflects network-reachable exploitation with low complexity and no user interaction once minimal privileges are obtained, yielding high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
NULL pointer dereference in OpenHarmony v6.0 and prior enables a local low-privileged attacker to crash the system or an affected process, causing a denial-of-service condition. The vulnerability is confined to local exploitation with no confidentiality or integrity impact, as reflected in the CVSS:3.1 score of 3.3 (Low). No public exploit code has been identified at time of analysis, and no active exploitation has been reported.
Remote code execution in OpenHarmony v6.0 and prior versions allows authenticated remote attackers to execute arbitrary code within pre-installed applications through a race condition flaw (CWE-364). The CVSS 8.1 score reflects high confidentiality and availability impact but no integrity impact, and no public exploit has been identified at time of analysis. The vulnerability requires low privileges but no user interaction, making it exploitable across OpenHarmony's distributed device ecosystem including smart devices, wearables, and IoT endpoints running the open-source operating system.
OpenHarmony versions 5.1.0 and prior contain an improper input validation vulnerability (CWE-20) that allows local attackers with low privileges to trigger a denial of service condition. An authenticated local user can craft malicious input that causes the system to become unresponsive or crash, requiring manual intervention to restore availability. While this vulnerability has a moderate CVSS score of 5.0, the local-only attack vector and requirement for user interaction limit widespread exploitation risk.
OpenHarmony v5.0.3 and prior versions contain an improper input validation vulnerability (CWE-20) that allows a local attacker with limited privileges to read sensitive information from the system. The vulnerability carries a CVSS score of 3.3 with low attack complexity and requires local access and low privileges, indicating a confined risk profile suitable only for restricted exploitation scenarios. While the CVSS vector does not indicate active exploitation or widespread POC availability based on the provided data, the information disclosure impact warrants attention in environments where local privilege escalation chains may amplify the risk.
An out-of-bounds write vulnerability (CWE-787) exists in OpenHarmony versions up to and including v5.1.0, enabling local attackers to execute arbitrary code within pre-installed applications. The vulnerability requires local access and low privileges but can result in complete confidentiality compromise. This is a memory corruption issue that, while restricted to specific scenarios, poses a meaningful risk to OpenHarmony device security given the local attack vector and high impact on confidentiality.
An out-of-bounds write vulnerability in OpenHarmony v5.1.0 and earlier versions allows local attackers with limited privileges to achieve arbitrary code execution within pre-installed applications through memory corruption. The vulnerability, tracked as CVE-2025-41432 and assigned CVSS 5.5, exploits CWE-787 (out-of-bounds write) and is limited to restricted attack scenarios that require local access and low privilege levels. While not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, the availability of vulnerability disclosure documentation and the nature of memory corruption bugs suggest heightened risk for motivated threat actors.
This vulnerability allows arbitrary code execution in OpenHarmony pre-installed applications through improper handling of incompatible types, enabling local attackers to escalate privileges and execute arbitrary code within the context of trusted system applications. Affected versions include OpenHarmony v5.0.3 through v5.1.0.x, impacting the core application framework across the OpenHarmony ecosystem. While the CVSS score of 6.3 reflects moderate severity, the vulnerability requires local access and high attack complexity, limiting real-world exploitability to restricted scenarios as noted by the vendor.
OpenHarmony versions 5.0.3 and earlier contain an information disclosure vulnerability caused by use of uninitialized resources, allowing local attackers to leak sensitive case-sensitive data. The vulnerability affects OpenHarmony deployments across all product lines up to v5.0.3.x (per EUVD-2025-208673). An attacker with local access and standard user privileges can read uninitialized memory regions to obtain confidential information without requiring user interaction, though there is no indication of active exploitation in public KEV databases at this time.
This vulnerability is a memory leak in OpenHarmony v6.0 and prior versions that allows a local, low-privileged attacker to trigger a denial-of-service condition by preventing proper memory release during runtime operations. An authenticated local user without special privileges can exhaust system memory through repeated triggering of the affected code path, causing application or system instability. The low CVSS score of 3.3 reflects the limited scope (local access only, no confidentiality or integrity impact), but the underlying memory management flaw (CWE-401: Missing Release of Memory) is a classic stability threat in systems software.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through through NULL pointer dereference.. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.