Uncontrolled Resource Management Flaw in Huawei's Setting Module
CVE-2025-48902

6.6MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 June 2025

What is CVE-2025-48902?

This vulnerability involves uncontrolled resource management within Huawei's Settings Module, which can lead to the exploitation of system resources. If successfully exploited, the vulnerability poses a risk to the availability of the application, possibly resulting in service disruptions. Organizations using affected versions should prioritize patching to mitigate the potential impacts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

EMUI 14.0.0

EMUI 13.0.0

EMUI 12.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/6/

CVSS V3.1

Score:

6.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jun 6, 2025
Vulnerability Reserved
May 28, 2025

JSON

Huawei