Permission Control Vulnerability in Huawei Contacts Module
CVE-2025-46586

5.5MEDIUM

Key Information:

Vendor

Huawei

Status
Vendor
CVE Published:
6 May 2025

What is CVE-2025-46586?

A permission control vulnerability exists within the contacts module of Huawei products, which may allow unauthorized access to sensitive features. This flaw could potentially lead to an impact on the availability of the system, as it disrupts normal operations. Users are advised to regularly update their affected products to mitigate any risks associated with this vulnerability.

Affected Version(s)

HarmonyOS 5.0.0

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.