CVE-2026-28553
Received
Received - Intake
Improper Permission Control in Theme Module Risks Data Exposure
Publication date: 2026-04-13
Last updated on: 2026-04-14
Assigner: Huawei Technologies
Description
Description
Vulnerability of improper permission control in the theme setting module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| huawei | harmonyos | 4.0.0 |
| huawei | harmonyos | 4.2.0 |
| huawei | harmonyos | 4.3.0 |
| huawei | harmonyos | 4.3.1 |
| huawei | emui | 14.0.0 |
| huawei | emui | 15.0.0 |
| huawei | emui | 14.2.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-275 | Permission Issues |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability involves improper permission control in the theme setting module, which may affect service confidentiality if successfully exploited.
However, there is no specific information provided about how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability is related to improper permission control in the theme setting module of a system or application.
How can this vulnerability impact me? :
Successful exploitation of this vulnerability may affect the confidentiality of the service.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70