CVE-2025-54622
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-20
Assigner: Huawei Technologies
Description
Description
Binding authentication bypass vulnerability in the devicemanager module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 5.0.1 |
| huawei | harmonyos | 5.0.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-305 | The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a binding authentication bypass in the devicemanager module, which means that the authentication process can be bypassed, potentially allowing unauthorized access.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect service confidentiality, potentially leading to unauthorized access to sensitive information and full compromise of confidentiality, integrity, and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70