Permission Control Vulnerability in Huawei Notepad Module
CVE-2025-64311

5.1MEDIUM

Key Information:

Vendor

Huawei
Status
Harmonyos
Vendor
CVE Published:
28 November 2025

What is CVE-2025-64311?

A permission control vulnerability exists in the Notepad module of Huawei products, allowing unauthorized access that could compromise service confidentiality. Exploiting this vulnerability might lead to unauthorized disclosure of sensitive information. Users of affected Huawei Notepad versions should take immediate measures to patch their systems to mitigate potential risks.

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

HarmonyOS 6.0.0

References

https://consumer.huawei.com/en/support/bulletin/2025/11/

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-64311 : Permission Control Vulnerability in Huawei Notepad Module