CVE-2026-28542

HIGH

System Service Framework - Auth Bypass

Title source: llm

Description

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.

References (2)

Scores

CVSS v3 7.3
EPSS 0.0001
EPSS Percentile 0.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Classification

CWE
CWE-755
Status published

Affected Products (6)

huawei/emui
huawei/emui
huawei/emui
huawei/harmonyos
huawei/harmonyos
huawei/harmonyos

Timeline

Published Mar 05, 2026
Tracked Since Mar 05, 2026