Out-of-Bounds Write Vulnerability in Huawei Devices
CVE-2024-57961

6.8MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 February 2025

Summary

An out-of-bounds write vulnerability in the emcom module of certain Huawei devices could lead to abnormal feature performance. Attackers potentially exploiting this weakness may disrupt normal operations, presenting a serious concern for device stability and integrity. Users are urged to prioritize updates to safeguard against potential exploitation.

Affected Version(s)

EMUI 13.0.0

HarmonyOS 4.2.0

HarmonyOS 3.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/2/

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Jan 22, 2025