CVE-2025-54649

Vulnerability of using incompatible types to access resources in the location service.
Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect.
Type Confusion
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.5 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
huaweiCNA
4.5 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
huaweiharmonyos
5.0.1
huaweiharmonyos
5.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://consumer.huawei.com/en/support/bulletin/2025/8/