Out-of-Bounds Array Access Vulnerability in Huawei Location Service Module
CVE-2025-54645

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-54645?

An out-of-bounds array access vulnerability exists within the Huawei location service module due to inadequate data verification processes. Malicious actors can exploit this issue to disrupt system availability, posing significant risks to applications relying on this service. Ensuring appropriate patches and mitigations are applied is crucial for maintaining security and stability.

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jul 28, 2025