Race Condition Vulnerability in Huawei Network Module
CVE-2025-66327

7.1HIGH

Key Information:

Vendor: Huawei
Status: Harmonyos
Vendor: CVE Published:; 8 December 2025

What is CVE-2025-66327?

A race condition vulnerability has been identified in the network module of Huawei products. This vulnerability may allow attackers to exploit the race condition, potentially compromising the confidentiality of services. By manipulating the timing of events, an attacker could gain unauthorized access to sensitive information or disrupt the normal operation of network services, leading to significant consequences for affected systems.

Affected Version(s)

HarmonyOS 5.1.0

HarmonyOS 5.0.1

References

https://consumer.huawei.com/en/support/bulletin/2025/12/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
Nov 27, 2025

JSON