CVE-2025-54611
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-12
Assigner: Huawei Technologies
Description
Description
EXTRA_REFERRER resource read vulnerability in the Gallery module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | emui | 12.0.0 |
| huawei | emui | 13.0.0 |
| huawei | emui | 14.0.0 |
| huawei | emui | 15.0.0 |
| huawei | harmonyos | 2.0.0 |
| huawei | harmonyos | 2.1.0 |
| huawei | harmonyos | 3.0.0 |
| huawei | harmonyos | 3.1.0 |
| huawei | harmonyos | 4.0.0 |
| huawei | harmonyos | 4.2.0 |
| huawei | harmonyos | 4.3.0 |
| huawei | harmonyos | 4.3.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
| CWE-840 | Business Logic Errors |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an EXTRA_REFERRER resource read issue in the Gallery module, which means that unauthorized access to certain resource information can occur due to improper handling of referrer data.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may compromise service confidentiality, potentially exposing sensitive information. It has a high impact on confidentiality, with some impact on integrity and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70