{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28544", "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "state": "PUBLISHED", "assignerShortName": "huawei", "dateReserved": "2026-02-28T03:58:12.088Z", "datePublished": "2026-03-05T07:34:24.606Z", "dateUpdated": "2026-03-05T14:52:49.291Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "HarmonyOS", "vendor": "Huawei", "versions": [{"status": "affected", "version": "6.0.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability."}], "value": "Race condition vulnerability in the printing module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei", "dateUpdated": "2026-03-05T07:34:24.606Z"}, "references": [{"url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"}, {"url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T14:52:40.333031Z", "id": "CVE-2026-28544", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T14:52:49.291Z"}}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:harmonyos:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0EBE30DD-E146-4A6A-BE68-DEF9D4D0B2A8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition vulnerability in the printing module.\u00a0Impact: Successful exploitation of this vulnerability may affect availability."}], "id": "CVE-2026-28544", "lastModified": "2026-03-05T21:40:48.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 4.7, "source": "psirt@huawei.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-05T08:15:59.313", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://consumer.huawei.com/en/support/bulletin/2026/3/"}, {"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "https://consumer.huawei.com/en/support/bulletinlaptops/2026/3/"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "psirt@huawei.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.0.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "HarmonyOS", "source": "cna", "vendor": "Huawei"}, "product": "harmonyos", "vendor": "huawei"}], "analysis": {"en": {"generated_at": "2026-04-17T12:47:55.721701+00:00", "value": {"mitigation_remediation": ["Consult the Huawei March\u202f2026 bulletin for any guidance or updates addressing the printing module race condition.", "If a patch is not yet available, consider disabling the printing service or restricting print job access until the fix is deployed.", "Monitor system logs and printing activity for abnormal behavior that may indicate exploitation attempts."], "summary": {"action": "Assess Impact", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Huawei HarmonyOS version 6.0.0 is affected. Devices running this operating system that utilize the built\u2011in printing functionality are at risk.", "description_and_impact": "A race condition exists in the printing module of Huawei HarmonyOS, allowing a successful exploitation to disrupt service availability. The flaw pertains to concurrent access to shared resources in the print subsystem, which can cause the system to hang or crash when multiple print jobs are processed simultaneously.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 6.2, indicating moderate severity, and an EPSS score of less than 1%, suggesting a very low probability of exploitation at present. It is not listed in the CISA KEV catalog. The attack vector is inferred to be dependent on the ability to submit print jobs, potentially via local or network\u2011bound printing interfaces, but the exact exploitation path has not been publicly confirmed in the description."}}}}, "created": "2026-03-06T15:07:58.670073+00:00", "title": "Race condition in HarmonyOS printing module causing potential denial of service", "updated": "2026-04-17T13:00:11.990798+00:00", "vendors": ["huawei", "huawei$PRODUCT$harmonyos"]}