Permission Control Flaw in Huawei Distributed Component
CVE-2025-58310

8HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 28 November 2025

What is CVE-2025-58310?

A permission control vulnerability exists in Huawei's distributed component, allowing unauthorized access that may compromise the confidentiality of services. Successful exploitation could lead to sensitive information leakage, threatening the integrity of data and system operations. Users of affected versions should take immediate action to mitigate risks by applying available patches and enhancing their security configurations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

HarmonyOS 6.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/11/

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 28, 2025
Vulnerability Reserved
Aug 28, 2025

JSON

Huawei