Exception Capture Failure in ArkUI Framework Affects Huawei Products
CVE-2024-58112

7.5HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 7 April 2025

What is CVE-2024-58112?

A vulnerability exists in the SVG parsing module of the ArkUI framework developed by Huawei. This exception capture failure can lead to potential availability issues, allowing attackers to exploit the flaw and disrupt the functionalities of applications utilizing this framework. Users and organizations utilizing affected versions should prioritize remediation to safeguard against possible exploitation.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/4/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2025
Vulnerability Reserved
Mar 27, 2025