Permission Verification Flaw in Media Library Module by Huawei
CVE-2024-58049

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 4 March 2025

Summary

A permission verification vulnerability exists in Huawei's media library module. This issue can lead to unauthorized access, potentially compromising the confidentiality of services. Attackers who exploit this vulnerability may gain access to sensitive information, thereby posing significant risks to data integrity and user privacy. It is crucial for users of the affected versions to apply protective measures and ensure updates are implemented to mitigate potential security threats.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/3/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 4, 2025
Vulnerability Reserved
Feb 27, 2025