CVE-2024-56443

Medium

Published: 08 January 2025

Published

08 January 2025

Modified

13 January 2025

KEV Added

—

Patch

—

CVSS Score 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0009 24.7th percentile

Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-56443 is a medium-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Huawei Harmonyos. Its CVSS base score is 6.2 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 24.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-39 (Process Isolation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Data from Local System (T1005). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SC-39 Process Isolation good match

prevent

Process isolation directly prevents cross-process access to the UIExtension screen stack, blocking unauthorized exposure of sensitive service data.

SC-4 Information in Shared System Resources good match

prevent

Prevents unintended information transfer via shared system resources like the exploited screen stack used for confidentiality breaches.

AC-4 Information Flow Enforcement good match

prevent

Enforces information flow controls between processes to mitigate cross-process leakage of sensitive data in the UIExtension module.

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

Local unauthenticated cross-process information disclosure vulnerability directly enables unauthorized collection of sensitive data from the local system.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Deeper analysisAI

CVE-2024-56443 is a cross-process screen stack vulnerability in the UIExtension module. Published on January 8, 2025, it has a CVSS v3.1 base score of 6.2 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is associated with CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The vulnerability affects service confidentiality upon successful exploitation.

A local attacker can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction. Exploitation remains within the same security scope and results in high confidentiality impact, potentially allowing unauthorized access to sensitive service data.

Huawei's security bulletin provides details on the vulnerability, available at https://consumer.huawei.com/en/support/bulletin/2025/1/. Practitioners should consult this advisory for recommended mitigations or patches.

Details

CWE(s): CWE-200 NVD-CWE-noinfo

Affected Products

huawei

harmonyos

5.0.0

CVEs Like This One

CVE-2026-24915Same product: Huawei Harmonyos

CVE-2024-57954Same product: Huawei Harmonyos

CVE-2024-56435Same product: Huawei Harmonyos

CVE-2026-24921Same product: Huawei Harmonyos

CVE-2024-56444Same product: Huawei Harmonyos

CVE-2024-56436Same product: Huawei Harmonyos

CVE-2024-56437Same product: Huawei Harmonyos

CVE-2024-57962Same product: Huawei Harmonyos

CVE-2025-68955Same product: Huawei Harmonyos

CVE-2025-68957Same product: Huawei Harmonyos

References

https://consumer.huawei.com/en/support/bulletin/2025/1/
Vendor Advisory · psirt@huawei.com