Permission Management Vulnerability in Huawei Lock Screen Module
CVE-2024-58046

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 4 March 2025

Summary

A vulnerability exists within the permission management of Huawei's lock screen module, which could allow unauthorized access to sensitive features. If successfully exploited, this weakness may compromise the confidentiality of services, potentially enabling attackers to view or manipulate protected information. It is imperative for users of affected products to review their security configurations and apply any relevant updates promptly.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/3/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 4, 2025
Vulnerability Reserved
Feb 27, 2025