Permission Control Vulnerability in Media Library Module by Huawei
CVE-2025-46587

5.5MEDIUM

Key Information:

Vendor

Huawei
Status
Harmonyos
Vendor
CVE Published:
6 May 2025

What is CVE-2025-46587?

A permission control vulnerability exists within the media library module in Huawei products, which can lead to unauthorized access. If exploited, an attacker could gain access to sensitive information, thereby undermining the confidentiality of service operations. It is crucial for users and organizations utilizing affected versions to assess their security posture and apply necessary mitigations.

Affected Version(s)

HarmonyOS 5.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/5/

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.