Permission Control Vulnerability in Huawei Security Control Module
CVE-2026-41971

5.5MEDIUM

Key Information:

Vendor

Huawei
Status
Harmonyos
Vendor
CVE Published:
15 May 2026

What is CVE-2026-41971?

This vulnerability in Huawei's Security Control Module arises from inadequacies in permission handling, which could allow unauthorized access to sensitive data, thereby jeopardizing the confidentiality of services. Exploiting this flaw could provide malicious actors with unintended privileges, leading to unauthorized information access.

Affected Version(s)

HarmonyOS 6.0.0

HarmonyOS 5.1.0

References

https://consumer.huawei.com/en/support/bulletin/2026/5/
https://consumer.huawei.com/en/support/bulletinlaptops/20...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.