CVE-2025-54645

EPSS 0.01%
Published 06.08.2025 02:48:19
Last modified 13.08.2025 18:51:21
Source psirt@huawei.com
Teams watchlist Login
Open Login

Out-of-bounds array access issue due to insufficient data verification in the location service module.
Impact: Successful exploitation of this vulnerability may affect availability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Harmonyos Version5.0.1

Huawei ≫ Harmonyos Version5.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.003

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
psirt@huawei.com	5	1.8	2.7	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://consumer.huawei.com/en/support/bulletin/2025/8/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-54645

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-54645

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-54645

EUVD