Description
Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Published: 2026-03-05
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Availability impact due to race condition in HarmonyOS printing module
Action: Apply Update
AI Analysis

Impact

A race condition exists in the printing module of Huawei HarmonyOS, allowing an attacker who can trigger concurrent access to the print spooler to destabilize the service. Successful exploitation may cause the printing component to become unresponsive, leading to denial of availability for users relying on printing functions. This vulnerability is classified under CWE-362, indicating a flaw in concurrent resource handling.

Affected Systems

Huawei HarmonyOS 6.0.0 is affected. The issue impacts all devices running HarmonyOS 6.0.0.

Risk and Exploitability

The CVSS score of 5.9 reflects a moderate risk level. The EPSS score of less than 1% denotes a very low exploitation probability at the time of this analysis. The vulnerability is not present in the CISA KEV catalog, suggesting no known widespread exploitation yet. Attackers would likely need local access to the printing subsystem or privileged user context to trigger the race condition, making the attack vector more restrictive than remote exploitation.

Generated by OpenCVE AI on April 18, 2026 at 09:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Review and apply the latest HarmonyOS update released by Huawei for the March 2026 support bulletin that addresses the printing module race condition
  • Restrict printing subsystem access by limiting printing privileges to trusted users or applications
  • Enable audit logging for print spooler events to detect irregular activity and potential race conditions

Generated by OpenCVE AI on April 18, 2026 at 09:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Title Race Condition in HarmonyOS Printing Module Causing Availability Impact

Thu, 05 Mar 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei harmonyos
CPEs cpe:2.3:o:huawei:harmonyos:6.0.0:*:*:*:*:*:*:*
Vendors & Products Huawei
Huawei harmonyos

Thu, 05 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 05 Mar 2026 08:00:00 +0000

Type Values Removed Values Added
Description Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability.
Weaknesses CWE-362
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

Subscriptions

Huawei Harmonyos
cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2026-03-05T15:15:13.150Z

Reserved: 2026-02-28T03:58:12.088Z

Link: CVE-2026-28545

cve-icon Vulnrichment

Updated: 2026-03-05T15:14:56.971Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T08:15:59.470

Modified: 2026-03-05T21:40:58.367

Link: CVE-2026-28545

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T10:00:10Z

Weaknesses