Notification Module Vulnerability in Huawei Product
CVE-2024-56446

7.5HIGH

Key Information:

Vendor
Huawei
Status
Harmonyos
Vendor
CVE Published:
8 January 2025

Summary

A security issue exists in Huawei's Notification Module due to uninitialized variables. Failure to properly initialize these variables can lead to potential disruptions in service availability, allowing unauthorized access or manipulation of the system. Administrators should be aware of this vulnerability to mitigate any risks associated with the exploitation of uninitialized variables.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/1/

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.