Out-of-Bounds Access Vulnerability in Huawei Audio Codec Module
CVE-2025-54610

7.5HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-54610?

An out-of-bounds access vulnerability has been identified in the audio codec module of Huawei products. This flaw allows for potential unauthorized memory access, which could lead to disruption of service. If exploited, the vulnerability may compromise the availability of services reliant on the affected codec, presenting a significant risk in audio processing and transmission. Users should assess their exposure and consider applying available patches to mitigate the risk.

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jul 28, 2025