Out-of-Bounds Array Access in Huawei Kernel Ambient Light Module
CVE-2025-54644

6.6MEDIUM

Key Information:

Vendor

Huawei
Status
Harmonyos
Emui
Vendor
CVE Published:
6 August 2025

What is CVE-2025-54644?

An out-of-bounds array access vulnerability exists within Huawei's kernel ambient light module, triggered by inadequate data verification processes. If exploited, this flaw can compromise service confidentiality, potentially leading to unauthorized access to sensitive information and undermining system integrity.

Affected Version(s)

EMUI 14.0.0

EMUI 13.0.0

HarmonyOS 4.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.