Description
Address read vulnerability in the communication module.
Impact: Successful exploitation of this vulnerability may affect availability.
Published: 2026-02-06
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (availability)
Action: Patch
AI Analysis

Impact

A vulnerability in Huawei’s communication module allows an attacker to read memory addresses, which could lead to a breakdown of the system’s availability. The flaw may enable a user or malicious actor to cause a denial of service by disrupting normal operation of the affected OS.

Affected Systems

Huawei Emui 15.0.0, Huawei HarmonyOS 4.3.1, 5.1.0, 5.1.1, and 6.0.0 are all impacted, as identified by the vendor’s support bulletins for consumer devices, laptops, vision hardware, and wearables.

Risk and Exploitability

The CVSS score of 6.8 indicates moderate severity, while the EPSS score of less than 1% suggests a very low probability that the vulnerability will be actively exploited. The flaw is not listed in the CISA KEV catalog. Based on the description, the attack vector is inferred to be related to the communication module, potentially allowing local or remote exploitation through network traffic or privileged processes. No specific exploitation method is detailed in the advisory, and no workaround is currently provided by the vendor.

Generated by OpenCVE AI on April 18, 2026 at 18:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the latest firmware or OS update from Huawei that addresses the address‑read issue in the communication module.
  • If an update is not yet available, limit exposure by disabling or restricting unnecessary network services that load the vulnerable component.
  • Configure device firewall rules or network segmentation to block unsolicited traffic to the communication module interface, reducing potential exploitation vectors.

Generated by OpenCVE AI on April 18, 2026 at 18:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
Title Insecure Address Read in Huawei Communication Module Leading to Availability Impact

Tue, 10 Feb 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei emui
Huawei harmonyos
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:huawei:emui:15.0.0:*:*:*:*:*:*:*
cpe:2.3:o:huawei:harmonyos:4.3.1:*:*:*:*:*:*:*
cpe:2.3:o:huawei:harmonyos:5.1.0:*:*:*:*:*:*:*
cpe:2.3:o:huawei:harmonyos:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:huawei:harmonyos:6.0.0:*:*:*:*:*:*:*
Vendors & Products Huawei
Huawei emui
Huawei harmonyos

Fri, 06 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 06 Feb 2026 08:45:00 +0000

Type Values Removed Values Added
Description Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H'}

Subscriptions

Huawei Emui Harmonyos
cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2026-02-06T16:54:40.772Z

Reserved: 2026-01-28T06:05:05.257Z

Link: CVE-2026-24918

cve-icon Vulnrichment

Updated: 2026-02-06T16:54:35.325Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-06T09:15:50.250

Modified: 2026-02-10T17:59:46.380

Link: CVE-2026-24918

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T18:30:07Z

Weaknesses