Permission Bypass Vulnerability in Huawei's Calendar Storage Module
CVE-2025-53178

4.8MEDIUM

Key Information:

Vendor

Huawei

Vendor
CVE Published:
7 July 2025

What is CVE-2025-53178?

A permission bypass vulnerability has been identified in Huawei's calendar storage module that could allow unauthorized access to certain functions. Successful exploitation may interfere with the schedule reminder function of head units, potentially leading to disruptions in user notifications and reminders. It is crucial for users and administrators of affected devices to implement security updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

EMUI 14.0.0

HarmonyOS 4.3.0

HarmonyOS 4.2.0

References

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-53178 : Permission Bypass Vulnerability in Huawei's Calendar Storage Module