Cyber Resilience

CVE-2024-56443

Medium

Published: 08 January 2025

Published
08 January 2025
Modified
13 January 2025
KEV Added
Patch
CVSS Score v3.1 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0012 30.1th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-56443 is a medium-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Huawei Harmonyos. Its CVSS base score is 6.2 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 30.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-39 (Process Isolation).

Deeper analysis

CVE-2024-56443 is a cross-process screen stack vulnerability in the UIExtension module. Published on January 8, 2025, it has a CVSS v3.1 base score of 6.2 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is associated with CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The vulnerability affects service confidentiality upon successful exploitation.

A local attacker can exploit this vulnerability with low attack complexity, requiring no privileges or user interaction. Exploitation remains within the same security scope and results in high confidentiality impact, potentially allowing unauthorized access to sensitive service data.

Huawei's security bulletin provides details on the vulnerability, available at https://consumer.huawei.com/en/support/bulletin/2025/1/. Practitioners should consult this advisory for recommended mitigations or patches.

EU & UK References

Vulnerability details

Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Local unauthenticated cross-process information disclosure vulnerability directly enables unauthorized collection of sensitive data from the local system.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-24915Same product: Huawei Harmonyos
CVE-2024-12602Same product: Huawei Harmonyos
CVE-2024-56435Same product: Huawei Harmonyos
CVE-2024-57954Same product: Huawei Harmonyos
CVE-2026-24921Same product: Huawei Harmonyos
CVE-2024-56444Same product: Huawei Harmonyos
CVE-2025-68968Same product: Huawei Harmonyos
CVE-2024-57957Same product: Huawei Harmonyos
CVE-2024-57956Same product: Huawei Harmonyos
CVE-2025-68958Same product: Huawei Harmonyos

Affected Assets

huawei
harmonyos
5.0.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Process isolation directly prevents cross-process access to the UIExtension screen stack, blocking unauthorized exposure of sensitive service data.

prevent

Prevents unintended information transfer via shared system resources like the exploited screen stack used for confidentiality breaches.

prevent

Enforces information flow controls between processes to mitigate cross-process leakage of sensitive data in the UIExtension module.

References