Permission Control Flaw in Huawei Distributed Component
CVE-2025-58310

8HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 28 November 2025

What is CVE-2025-58310?

A permission control vulnerability exists in Huawei's distributed component, allowing unauthorized access that may compromise the confidentiality of services. Successful exploitation could lead to sensitive information leakage, threatening the integrity of data and system operations. Users of affected versions should take immediate action to mitigate risks by applying available patches and enhancing their security configurations.

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

HarmonyOS 6.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/11/

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 28, 2025
Vulnerability Reserved
Aug 28, 2025

JSON