{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-41432", "assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "state": "PUBLISHED", "assignerShortName": "OpenHarmony", "dateReserved": "2025-07-01T12:16:38.212Z", "datePublished": "2026-03-16T07:09:53.417Z", "dateUpdated": "2026-03-16T17:25:26.465Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "shortName": "OpenHarmony", "dateUpdated": "2026-03-16T07:09:53.417Z"}, "title": "arkcompiler_ets_runtime has an out-of-bounds write vulnerability", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds write", "type": "CWE"}]}], "affected": [{"vendor": "OpenHarmony", "product": "OpenHarmony", "versions": [{"status": "affected", "version": "v5.0.3", "lessThanOrEqual": "v5.1.0.x", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios."}]}], "references": [{"url": "https://gitcode.com/openharmony/security/tree/master/zh/security-disclosure/2025/2025-10.md"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T17:24:14.281332Z", "id": "CVE-2025-41432", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T17:25:26.465Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41432", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T17:24:14.281332Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T17:25:21.606Z"}}], "cna": {"title": "arkcompiler_ets_runtime has an out-of-bounds write vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OpenHarmony", "product": "OpenHarmony", "versions": [{"status": "affected", "version": "v5.0.3", "versionType": "custom", "lessThanOrEqual": "v5.1.0.x"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://gitcode.com/openharmony/security/tree/master/zh/security-disclosure/2025/2025-10.md"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.", "supportingMedia": [{"type": "text/html", "value": "in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds write"}]}], "providerMetadata": {"orgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "shortName": "OpenHarmony", "dateUpdated": "2026-03-16T07:09:53.417Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41432", "state": "PUBLISHED", "dateUpdated": "2026-03-16T17:25:26.465Z", "dateReserved": "2025-07-01T12:16:38.212Z", "assignerOrgId": "0cf5dd6e-1214-4398-a481-30441e48fafd", "datePublished": "2026-03-16T07:09:53.417Z", "assignerShortName": "OpenHarmony"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:openatom:openharmony:5.0.3:*:*:*:-:*:*:*", "matchCriteriaId": "191FD913-141A-4354-81C3-96C87D4D7CAE", "vulnerable": true}, {"criteria": "cpe:2.3:o:openatom:openharmony:5.1.0:*:*:*:-:*:*:*", "matchCriteriaId": "0BE5D50A-ABFA-476E-BAE6-41EFEAC1F486", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios."}], "id": "CVE-2025-41432", "lastModified": "2026-03-17T19:58:29.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "scy@openharmony.io", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-16T14:17:58.693", "references": [{"source": "scy@openharmony.io", "tags": ["Vendor Advisory"], "url": "https://gitcode.com/openharmony/security/tree/master/zh/security-disclosure/2025/2025-10.md"}], "sourceIdentifier": "scy@openharmony.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "scy@openharmony.io", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[v5.0.3,v5.1.0.x]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "OpenHarmony", "source": "cna", "vendor": "OpenHarmony"}, "product": "openharmony", "vendor": "openharmony"}], "analysis": {"en": {"generated_at": "2026-03-17T21:42:33.304556+00:00", "value": {"mitigation_remediation": ["Apply the latest OpenHarmony patch or upgrade to a version that addresses the arkcompiler_ets_runtime out-of-bounds write. ", "Verify the device firmware version after applying the update to ensure the vulnerability has been remediated. ", "Monitor the vendor\u2019s security advisories for any new patches or mitigations and apply them promptly."], "summary": {"action": "Patch", "impact": "Local Code Execution"}, "threat_synthesis": {"affected_systems": "Affected systems are OpenHarmony builds 5.1.0, 5.0.3 and any earlier releases that meet the same code snapshot. The CPE strings list the products as openatom:openharmony:5.0.3 and openatom:openharmony:5.1.0, indicating that any instance of these versions, whether pre\u2011installed on consumer devices or embedded in custom appliances, is vulnerable.", "description_and_impact": "OpenHarmony versions 5.1.0 and earlier contain an out\u2011of\u2011bounds write in the arkcompiler_ets_runtime component that can be abused to execute arbitrary code within pre\u2011installed applications. The flaw is a classic buffer overflow (CWE\u2011787) and the affected code path can be triggered by a local attacker \u2013 the attack does not require remote network access. The potential impact is the execution of malicious code with the privileges of the compromised application, which could compromise system confidentiality, integrity, or availability if the application runs with elevated privileges.", "risk_and_exploitability": "The CVSS score of 5.5 classifies the vulnerability as moderate severity. EPSS is reported as less than 1%, indicating a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Nevertheless, because it requires only local access and can allow code execution, the risk is increased when devices are used by untrusted users or in insecure workspaces. The vulnerability can be exploited only in restricted scenarios, so the attack vector is not widely available but still represents a serious local privilege escalation risk."}}}}, "created": "2026-03-17T09:53:08.189306+00:00", "updated": "2026-03-24T10:45:33.536368+00:00", "vendors": ["openharmony", "openharmony$PRODUCT$openharmony"]}