CVE-2025-48902 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.6 MEDIUM	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
huawei	CNA	6.6 MEDIUM	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Vendor	Product	Version
huawei	emui	12.0.0
huawei	emui	13.0.0
huawei	emui	14.0.0
huawei	harmonyos	2.0.0
huawei	harmonyos	2.1.0
huawei	harmonyos	3.0.0
huawei	harmonyos	3.1.0
huawei	harmonyos	4.0.0
huawei	harmonyos	4.2.0
huawei	harmonyos	4.3.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-118 - Incorrect Access of Indexable Resource ('Range Error')
The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.

References

https://consumer.huawei.com/en/support/bulletin/2025/6/