Permission Bypass in Calendar Storage Module by Huawei
CVE-2025-53177

3.9LOW

Key Information:

Vendor

Huawei

Vendor
CVE Published:
7 July 2025

What is CVE-2025-53177?

A vulnerability exists in the calendar storage module developed by Huawei, which allows unauthorized users to bypass access controls. This exploitation could disrupt the normal functioning of the schedule syncing feature in devices. If left unaddressed, individuals may experience issues with syncing appointments and calendar events across their smartwatches, potentially leading to significant organizational and personal disruptions.

Affected Version(s)

EMUI 14.0.0

HarmonyOS 4.3.0

HarmonyOS 4.2.0

References

CVSS V3.1

Score:
3.9
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-53177 : Permission Bypass in Calendar Storage Module by Huawei