Description
Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Published: 2026-06-09
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the permission management of Huawei HarmonyOS’s network management module permits an attacker to alter or bypass the normal access controls governing configuration changes. The vulnerability can lead to unauthorized modifications of network settings, thereby compromising the integrity of services that rely on those settings. (This impact description is based solely on the official CVE narrative and not on any additional source.)

Affected Systems

The vulnerability is tied to Huawei HarmonyOS. No product variant or version numbers are specified in the CNA data, indicating that any installation of HarmonyOS may be affected until a corrective update is applied.

Risk and Exploitability

The CVSS score of 6.3 reflects a medium severity risk. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is local or privileged access to the network management module, but this assumption is derived from the description rather than an explicit statement in the advisory. If exploited, an attacker could adjust configuration parameters that alter the expected behavior of network services.

Generated by OpenCVE AI on June 9, 2026 at 06:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the security patch or update announced in Huawei’s 2026 June bulletin for HarmonyOS
  • If the network management module is not required, disable or uninstall it to reduce the attack surface
  • Enforce strict access controls so that only trusted users have permission to modify network management settings

Generated by OpenCVE AI on June 9, 2026 at 06:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 09 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 06:30:00 +0000

Type Values Removed Values Added
Title Permission Management Vulnerability Affecting Service Integrity in Huawei HarmonyOS Network Management Module

Tue, 09 Jun 2026 06:00:00 +0000

Type Values Removed Values Added
First Time appeared Huawei
Huawei harmonyos
Vendors & Products Huawei
Huawei harmonyos

Tue, 09 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Description Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
Weaknesses CWE-701
References
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H'}

Subscriptions

Huawei Harmonyos
cve-icon MITRE

Status: PUBLISHED

Assigner: huawei

Published:

Updated: 2026-06-09T13:50:47.061Z

Reserved: 2026-04-23T01:42:44.929Z

Link: CVE-2026-41975

cve-icon Vulnrichment

Updated: 2026-06-09T13:50:38.606Z

cve-icon NVD

Status : Deferred

Published: 2026-06-09T05:16:37.893

Modified: 2026-06-09T13:34:58.997

Link: CVE-2026-41975

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-09T06:15:06Z

Weaknesses