Exception Capture Failure in ArkUI Framework Affects Huawei Products
CVE-2024-58111

7.5HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 7 April 2025

Summary

The exception capture failure vulnerability in the SVG parsing module of the ArkUI framework potentially allows for disrupting the availability of affected systems. Exploitation occurs during the handling of SVG content, which could lead to unexpected behaviors or service interruptions. It is crucial for users to ensure they are using the latest patched versions to mitigate any risks associated with this issue.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/4/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Mar 27, 2025