{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31369", "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "state": "PUBLISHED", "assignerShortName": "Honor", "dateReserved": "2026-03-09T03:44:51.358Z", "datePublished": "2026-04-21T06:26:52.403Z", "dateUpdated": "2026-04-21T13:18:27.938Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "shortName": "Honor", "dateUpdated": "2026-04-21T06:26:52.403Z"}, "title": "Privilege Bypass in PcManager", "affected": [{"vendor": "Honor", "product": "PcManager", "versions": [{"status": "affected", "version": "1.0.0.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability", "supportingMedia": [{"type": "text/html", "base64": false, "value": "PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability"}]}], "references": [{"url": "https://www.honor.com/global/security/CVE-2026-31369/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseSeverity": "LOW", "baseScore": 3.2, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T13:18:24.390829Z", "id": "CVE-2026-31369", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T13:18:27.938Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-31369", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-21T13:18:24.390829Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T13:17:52.451Z"}}], "cna": {"title": "Privilege Bypass in PcManager", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 3.2, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Honor", "product": "PcManager", "versions": [{"status": "affected", "version": "1.0.0.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.honor.com/global/security/CVE-2026-31369/"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability", "supportingMedia": [{"type": "text/html", "value": "PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability", "base64": false}]}], "providerMetadata": {"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "shortName": "Honor", "dateUpdated": "2026-04-21T06:26:52.403Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31369", "state": "PUBLISHED", "dateUpdated": "2026-04-21T13:18:27.938Z", "dateReserved": "2026-03-09T03:44:51.358Z", "assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "datePublished": "2026-04-21T06:26:52.403Z", "assignerShortName": "Honor"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability"}], "id": "CVE-2026-31369", "lastModified": "2026-05-05T20:45:22.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 1.4, "source": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "type": "Secondary"}]}, "published": "2026-04-21T07:16:09.323", "references": [{"source": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "url": "https://www.honor.com/global/security/CVE-2026-31369/"}], "sourceIdentifier": "3836d913-7555-4dd0-a509-f5667fdf5fe4", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0.0.2"}}], "enrichment": {"confidence": 97.0, "confidence_source": "matching", "scores": [{"score": 97.0, "source": "matching"}]}, "original": {"product": "PcManager", "source": "cna", "vendor": "Honor"}, "product": "pc_manager", "vendor": "honor"}], "analysis": {"en": {"generated_at": "2026-04-22T03:23:58.753000+00:00", "value": {"mitigation_remediation": ["Apply the vendor's security update for PcManager as soon as it becomes available.", "Restrict administrative access to trusted users and disable unnecessary management interfaces.", "Enable audit logging and regularly review logs for signs of privilege escalation or unauthorized configuration changes."], "summary": {"action": "Monitor", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The affected product is Honor's PcManager, a device management platform. No specific version ranges are supplied in the public advisory, so all releases that contain the unpatched code may be vulnerable until further vendor details are provided.", "description_and_impact": "PcManager includes a privilege bypass flaw that prevents the software from enforcing proper authorization checks. Based on the description, it is inferred that an attacker who exploits this vulnerability could gain elevated privileges, allow unauthorized configuration changes, and potentially disrupt the service availability of the device management platform.", "risk_and_exploitability": "The advisory assigns a CVSS score of 3.2, indicating low severity, and an EPSS score of less than 1%, reflecting a very low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local or requires user interaction, as remote exploitation is not documented."}}}}, "created": "2026-04-22T03:30:06.687634+00:00", "updated": "2026-04-22T11:46:48.746770+00:00", "vendors": ["honor", "honor$PRODUCT$pc_manager"]}