CVE-2025-66319
Permission Control Vulnerability in Resource Scheduling Risks Integrity
Publication date: 2026-03-05
Last updated on: 2026-03-05
Assigner: Huawei Technologies
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 5.1.0 |
| huawei | harmonyos | 6.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-264 | Permissions, Privileges, and Access Controls |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-66319 is a permission control vulnerability found in the resource scheduling module of HUAWEI smart watches running HarmonyOS versions 6.0.0 and 5.1.0.
This vulnerability allows unauthorized actions related to resource scheduling, potentially compromising the integrity of the service.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect the integrity of the service on affected devices.
This means that unauthorized changes or disruptions could occur in the resource scheduling module, potentially leading to degraded or unreliable device performance.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To mitigate the CVE-2025-66319 vulnerability, you should apply the March 2026 security update released by HUAWEI.
This update includes patches for the permission control vulnerability in the resource scheduling module affecting HUAWEI smart watches running HarmonyOS versions 6.0.0 and 5.1.0.
Ensuring your device is updated to the latest firmware will help protect service integrity against this medium severity issue.