CVE-2025-58290

EPSS 0.01%
Veröffentlicht 11.10.2025 08:49:56
Zuletzt bearbeitet 16.10.2025 15:23:48
Quelle psirt@huawei.com
CVE-Watchlists
Login
Unerledigt
Login

Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Harmonyos Version5.0.1

Huawei ≫ Harmonyos Version5.1.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.021

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
psirt@huawei.com	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-41 Improper Resolution of Path Equivalence

The product is vulnerable to file system contents disclosure through path equivalence. Path equivalence involves the use of special characters in file and directory names. The associated manipulations are intended to generate multiple names for the same object.

https://consumer.huawei.com/en/support/bulletin/2025/10/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-58290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-58290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-58290

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-58290