CVE-2025-66330
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-08

Last updated on: 2025-12-08

Assigner: Huawei Technologies

Description
App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-08
Last Modified
2025-12-08
Generated
2026-05-07
AI Q&A
2025-12-08
EPSS Evaluated
2026-05-05
NVD
CVE-2025-66330
EUVD
EUVD-2025-201673
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
huawei harmonyos 5.0.1
huawei harmonyos 5.1.0
huawei harmonyos 6.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an app lock verification bypass in a file management application. It means that the security mechanism designed to lock and protect the app can be bypassed, potentially allowing unauthorized access.


How can this vulnerability impact me? :

Successful exploitation of this vulnerability may affect the confidentiality of services, potentially exposing sensitive files or data managed by the app to unauthorized users.


What immediate steps should I take to mitigate this vulnerability?

Apply the December 2025 Huawei security update, which includes patches addressing this and other vulnerabilities in HarmonyOS devices. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart