The flaw arises from improper permission control within HarmonyOS’s print module. According to the description, an attacker who successfully exploits this weakness can access service‑related confidential information. The weakness is classified as CWE‑264, which denotes inappropriate privilege management. Because the vulnerability is present in the print component, a successful exploitation could expose private data that is normally protected from unauthorized users.

Huawei HarmonyOS version 6.0.0 is affected, as indicated by the vendor/product list and CPE entry. All devices running this operating system version that still expose the print module are potentially vulnerable. The issue applies to the general HarmonyOS print service and does not seem isolated to a specific device or manufacturer model within the ecosystem.

The CVSS score of 6.1 reflects a moderate impact, while the EPSS score of less than 1 percent suggests that the exploitation probability is very low under current conditions. The vulnerability is not listed in the CISA KEV catalog, further supporting the notion that widespread attacks are unlikely. An attacker would need to locate and manipulate the print module’s permission configuration, which is typically only possible through local device access or by abusing a feature that exposes print capabilities over a network. No publicly disclosed exploits or proof‑of‑concept code are linked to this CVE, so the attack path remains theoretical at present.