CVE-2026-28536

Published: Mar 5, 2026Modified: Mar 6, 2026

8.1

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

Affected (2)

Products: Huawei: Harmonyos

Huawei

1 product

Harmonyos

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Huawei Harmonyos	Version 5.1.0
Huawei Harmonyos	Version 6.0.0

Related CWEs

CWE-305

Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

References (3)

https://consumer.huawei.com/en/support/bulletin/2026/3/

Source: psirt@huawei.com

Vendor Advisory

https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/

Source: psirt@huawei.com

Vendor Advisory

https://consumer.huawei.com/en/support/bulletinvision/2026/3/

Source: psirt@huawei.com

Vendor Advisory

Timeline

No history available yet.