CVE-2025-46014

Published: Jun 30, 2025Modified: Oct 15, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes, leading to a privilege escalation.

Affected (1)

Products: Honor: Pc Manager

Honor

1 product

Pc Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Honor Pc Manager	Up to 16.0.0.118

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

https://github.com/Souhardya/Exploit-PoCs/tree/main/HonorPCManager-PrivEsc

Source: cve@mitre.org

ExploitThird Party Advisory

Timeline

No history available yet.