CVE-2025-68964
Data Verification Flaw in HiView Module Causes Availability Impact
Publication date: 2026-01-14
Last updated on: 2026-01-14
Assigner: Huawei Technologies
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 6.0.0 |
| huawei | harmonyos | 4.3.0 |
| huawei | harmonyos | 5.1.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a data verification issue in the HiView module of Huawei devices running HarmonyOS. It means that the module does not properly verify data, which could lead to problems in how the system processes or handles data. [4]
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect the availability of the affected device, potentially causing disruptions or denial of service. [4]
What immediate steps should I take to mitigate this vulnerability?
Apply the latest Huawei security update for HarmonyOS 5.1.1 or later, as detailed in the January 2026 security bulletin. This update addresses CVE-2025-68964 among other vulnerabilities and is part of Huawei's ongoing monthly security maintenance for flagship models. [4]