Path Traversal Vulnerability in Huawei SMS Application
CVE-2026-41972

5.4MEDIUM

Key Information:

Vendor

Huawei

Status
Vendor
CVE Published:
9 June 2026

What is CVE-2026-41972?

A path traversal vulnerability has been identified in Huawei's SMS application, which could allow attackers to manipulate file system paths and potentially gain unauthorized access to sensitive files. This flaw may impact the overall availability of the application, making it crucial for users to apply the necessary patches and updates to safeguard their data and maintain application stability.

Affected Version(s)

HarmonyOS 6.1.0

HarmonyOS 6.0.0

HarmonyOS 5.1.0

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.