CVE Daily

CVE-2025-25278

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code e...

High CVSS 8.4

Overview

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.

CWE: CWE-362 Published: 2025-08-11T04:15:34.920
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.4 (HIGH)
  • Detected tags: race, rce (tag impact: VERY HIGH)

Recommended actions:

  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags