CVE-2025-53186 MEDIUM

CVE-2025-53186

Vendor Huawei

Product HarmonyOS

Weakness CWE-264

Published July 7, 2025

Last update July 7, 2025

View on NVD All CVEs

CVSS base score

5.9/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability.

Key dates

02Disclosure timeline

July 7, 2025 CVE published

July 7, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-53186 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/264.html

Related vulnerabilities

Identifiers

CVE CVE-2025-53186

CWE CWE-264

CVSS 5.9 / MEDIUM

Affected versions

Vendor Huawei

Product HarmonyOS

Affected 4.3.0

Vendor Huawei

Product HarmonyOS

Affected 4.2.0

Vendor Huawei

Product HarmonyOS

Affected 4.0.0

Vendor Huawei

Product HarmonyOS

Affected 3.1.0

Vendor Huawei

Product HarmonyOS

Affected 3.0.0

Vendor Huawei

Product HarmonyOS

Affected 2.1.0

Vendor Huawei

Product HarmonyOS

Affected 2.0.0

Vendor Huawei

Product EMUI

Affected 14.0.0

Vendor Huawei

Product EMUI

Affected 13.0.0

Vendor Huawei

Product EMUI

Affected 12.0.0

CVE-2025-53186

01Description

02Disclosure timeline

03References

04Related CVE