UAF Vulnerability in USB Driver Module Affecting Huawei Products
CVE-2025-58311

5.8MEDIUM

Key Information:

Vendor: Huawei
Status: Harmonyos; Emui
Vendor: CVE Published:; 28 November 2025

What is CVE-2025-58311?

A Use After Free (UAF) vulnerability has been identified in Huawei's USB driver module, which may allow an attacker to exploit this flaw to impact the availability and confidentiality of the system. The UAF vulnerability can lead to potential unauthorized access, risking the integrity of sensitive data and system operations. Users are advised to stay updated with security patches to mitigate risks associated with this vulnerability.

Affected Version(s)

EMUI 15.0.0

EMUI 14.2.0

EMUI 14.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/11/

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 28, 2025
Vulnerability Reserved
Aug 28, 2025

JSON