CVE-2025-58287
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-11
Last updated on: 2025-10-16
Assigner: Huawei Technologies
Description
Description
Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 5.0.1 |
| huawei | harmonyos | 5.1.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-275 | Permission Issues |
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Use After Free (UAF) issue in the office service. It occurs when the software attempts to use memory after it has been freed, which can lead to unexpected behavior or exploitation.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the affected service, potentially leading to unauthorized access or disruption.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70