Distributed Notification Service Vulnerability in Huawei Products
CVE-2025-54635

7.5HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-54635?

A vulnerability exists in Huawei's distributed notification service, where released pointers may be returned unintentionally. This situation can lead to a denial of service, thereby affecting the availability of the service. Attackers exploiting this weakness could manipulate the notification functionality, causing disruptions in operations.

Affected Version(s)

HarmonyOS 5.1.0

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jul 28, 2025