Out-of-Bounds Write Vulnerability in Huawei Devices
CVE-2024-57961

9.8CRITICAL

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 February 2025

What is CVE-2024-57961?

An out-of-bounds write vulnerability in the emcom module of certain Huawei devices could lead to abnormal feature performance. Attackers potentially exploiting this weakness may disrupt normal operations, presenting a serious concern for device stability and integrity. Users are urged to prioritize updates to safeguard against potential exploitation.

Affected Version(s)

EMUI 13.0.0

HarmonyOS 4.2.0

HarmonyOS 3.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/2/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Jan 22, 2025