Use-After-Free Vulnerability in Huawei Display Module
CVE-2024-57959

9.8CRITICAL

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 February 2025

What is CVE-2024-57959?

A use-after-free vulnerability in the Huawei display module may allow attackers to exploit certain features, leading to abnormal performance behavior. This vulnerability can be triggered under specific conditions, resulting in potential disruption of normal operations. Users are advised to implement security patches provided by Huawei to mitigate risks associated with this issue.

Affected Version(s)

EMUI 14.0.0

HarmonyOS 5.0.0

HarmonyOS 4.3.0

References

https://consumer.huawei.com/en/support/bulletin/2025/2/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Jan 22, 2025