Inadequate Packet Length Check in Huawei's BLE Module
CVE-2025-54646

5.1MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-54646?

A vulnerability exists in the BLE module of Huawei products due to insufficient validation of packet lengths. Exploiting this flaw could lead to diminished performance, potentially affecting the operation of connected devices. Users and administrators should remain vigilant and ensure proper protections are in place to mitigate any risks associated with this vulnerability.

Affected Version(s)

EMUI 14.0.0

EMUI 13.0.0

EMUI 12.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jul 28, 2025