CVE-2025-68970

MEDIUM WAF: Medium
CVSS 5.5 Published: 2026-01-14
CWE-20

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

WAF Coverage Analysis

Improper Input Validation Medium WAF Coverage

OWASP: A03:2021 Injection

920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection

Affected Software

VendorProductVersion
huaweiemui13.0.0
huaweiemui14.0.0
huaweiemui14.2.0
huaweiemui15.0.0
huaweiharmonyos3.0.0
huaweiharmonyos3.1.0
huaweiharmonyos4.0.0
huaweiharmonyos4.2.0
huaweiharmonyos4.3.0
huaweiharmonyos4.3.1

References

Back to CVE Database