CVE-2026-31368
Privilege Bypass in AiAssistant Causes Potential Service Disruption
Publication date: 2026-04-21
Last updated on: 2026-05-05
Assigner: Honor Device Co., Ltd.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| honor | aiassistant | 90.0.12.010 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-31368 is a privilege bypass vulnerability in the AiAssistant software. This means an attacker can circumvent the normal privilege restrictions that are supposed to protect certain functions or data within the system.
Successful exploitation of this vulnerability may affect the availability of the AiAssistant service, potentially disrupting its normal operation.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to bypass privilege restrictions, which may lead to disruption or unavailability of the AiAssistant service.
If the service becomes unavailable, it could affect any dependent processes or users relying on AiAssistant, potentially causing operational issues.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the privilege bypass vulnerability in AiAssistant (CVE-2026-31368), you should update the affected product to the fixed version.
- Install the software update released for AiAssistant version 90.0.12.010 or later.
- Enable automatic updates on your devices to receive the system update prompt and apply the fix promptly.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the privilege bypass vulnerability in AiAssistant (CVE-2026-31368) affects compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability affects AiAssistant version 90.0.12.010 and involves privilege bypass that may impact service availability.
Detection can primarily be done by verifying the installed version of AiAssistant on your system or network devices.
- Check the AiAssistant version installed to see if it matches 90.0.12.010, which is vulnerable.
- If the system supports automatic updates, verify whether the security update addressing CVE-2026-31368 has been applied.
Specific commands to detect this vulnerability are not provided in the available resources.