API Authorization Flaw in Huawei's FRS Process
CVE-2025-48904

4.4MEDIUM

Key Information:

Vendor

Huawei

Status
Vendor
CVE Published:
6 June 2025

What is CVE-2025-48904?

A significant vulnerability exists within Huawei's Face Recognition System that allows unauthorized API calls during the FRS process. This flaw could lead to inadvertent access to sensitive functionalities, impacting the system's availability and overall integrity.

Affected Version(s)

HarmonyOS 5.0.0

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-48904 : API Authorization Flaw in Huawei's FRS Process