Cyber Posture

CVE-2024-56447

Severity: High · Type: LPE (local privilege escalation)

Published: 08 January 2025
Modified: 13 January 2025
KEV Added: (not listed)
Patch: (see vendor bulletin below)
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0014 (34.1st percentile)
Risk Priority: 16 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-56447 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Huawei HarmonyOS. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 34.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- (prevent) Directly mandates enforcement of approved authorizations for access to system resources such as the window management module, preventing exploitation of improper permission controls by low-privilege local attackers.

- (prevent) Implements least privilege to restrict low-privilege users from unauthorized access or manipulation in the window management module, addressing CWE-269 improper privilege management.

- (prevent) Requires a reference monitor to mediate and enforce access control decisions in a tamper-proof manner, mitigating flaws in permission controls within the window management module.

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Improper privilege management that is locally reachable in the window management module directly enables exploitation for privilege escalation by a low-privileged attacker.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Deeper analysis

CVE-2024-56447 is a vulnerability involving improper permission control in the window management module, associated with CWE-269 (Improper Privilege Management) and CWE-276 (Incorrect Default Permissions). It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-01-08. The issue primarily impacts service confidentiality upon successful exploitation, though the CVSS vector indicates high potential effects on confidentiality, integrity, and availability.

A local attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction required. Exploitation allows unauthorized access or manipulation within the affected window management module, enabling high-impact disruption to confidentiality, integrity, and availability of services on the targeted system.

Huawei has published a consumer support bulletin at https://consumer.huawei.com/en/support/bulletin/2025/1/ addressing this vulnerability, which likely includes details on patches or mitigation steps for affected devices.

Details

CWE(s)

Affected Products

- huawei / emui: 12.0.0, 13.0.0, 14.0.0
- huawei / harmonyos: 2.0.0, 2.1.0, 3.0.0, 3.1.0, 4.0.0

CVEs Like This One

- CVE-2024-58044 (same product: Huawei EMUI)
- CVE-2026-34859 (same product: Huawei EMUI)
- CVE-2024-57961 (same product: Huawei EMUI)
- CVE-2024-58043 (same product: Huawei EMUI)
- CVE-2026-28548 (same product: Huawei EMUI)
- CVE-2024-56449 (same product: Huawei EMUI)
- CVE-2026-28542 (same product: Huawei EMUI)
- CVE-2024-57960 (same product: Huawei EMUI)
- CVE-2026-28553 (same product: Huawei EMUI)
- CVE-2023-52954 (same product: Huawei EMUI)
