CVE-2024-58047

Published: Mar 4, 2025Modified: Mar 5, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Affected (1)

Products: Huawei: Harmonyos

Huawei

1 product

Harmonyos

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Harmonyos	Version 5.0.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (1)

https://consumer.huawei.com/en/support/bulletin/2025/3/

Source: psirt@huawei.com

Vendor Advisory

Timeline

No history available yet.