CVE-2025-54637

August 5, 2025 invoker category_cve

CVE Details

Basic Information

Title	CVE-2025-54637
Type	cve
Published	2025-08-06T02:33:47.309Z
Modified	2025-08-06T02:33:47.309Z

Product Information

Vendor	Huawei
Product	HarmonyOS
Version	4.0.0

CVSS Information

Base Score	4.4 (MEDIUM)
Attack Vector	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Analysis

AI Description	This vulnerability is an out-of-bounds array access issue in the kernel ambient light module due to insufficient data verification. It could affect service confidentiality if exploited successfully.
AI Severity	Medium
AI Vendor	Huawei
AI Product	HarmonyOS
AI Version	HarmonyOS 4.0.0, HarmonyOS 3.1.0, HarmonyOS 3.0.0, EMUI 14.0.0, EMUI 13.0.0

Affected Products

Huawei HarmonyOS 4.0.0
Huawei HarmonyOS 3.1.0
Huawei HarmonyOS 3.0.0
Huawei EMUI 14.0.0
Huawei EMUI 13.0.0

Additional Information

CWE List	CWE-125
Source	huawei

Description

Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.

References

https://consumer.huawei.com/en/support/bulletin/2025/8/

View Full CVE Details

💭 Join the Security Discussion ❌ Cancel Reply