CVE-2025-25278

High CVSS: 8.4

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.

Vendor

Product

CWE

Yayın Tarihi

2025-08-11 04:15:34

Güncelleme

2025-08-12 16:38:55

Source Identifier

scy@openharmony.io

KEV Date Added

CWE-362 Openharmony HIGH Openatom 2025

https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-08.md

Low

CVE-2026-0639

in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory.

Medium

CVE-2025-6969

in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input.

Medium

CVE-2025-52458

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through o…

Medium

CVE-2025-41432

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through o…

Medium

CVE-2025-25277

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through u…

Low

CVE-2025-26474

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can…