Cyber Posture

CVE-2024-56448

Medium

Published: 08 January 2025

Published
08 January 2025
Modified
13 January 2025
KEV Added
Patch
CVSS Score 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0008 24.3th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-56448 is a medium-severity Code Injection (CWE-94) vulnerability in Huawei Harmonyos. Its CVSS base score is 6.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 24.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

Enforces approved authorizations for access to system resources like the home screen widget module, directly addressing the improper access control vulnerability.

AC-6 Least Privilege partial match
prevent

Restricts privileges to the least necessary, mitigating exploitation by limiting high-privilege (PR:H) local attackers targeting the widget module.

SI-10 Information Input Validation partial match
prevent

Validates inputs to prevent code injection (CWE-94) in the home screen widget module enabled by improper access control.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
Why these techniques?

CWE-94 code injection in local widget module directly enables arbitrary code execution on the device (T1203: Exploitation for Client Execution).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.

Deeper analysisAI

CVE-2024-56448 is a vulnerability involving improper access control in the home screen widget module of Huawei consumer devices. This flaw, published on January 8, 2025, is classified under CWE-94 (Code Injection) and NVD-CWE-Other, with a CVSS v3.1 base score of 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Successful exploitation may primarily affect system availability, though the high-impact vector also enables significant confidentiality and integrity compromises.

Exploitation requires local access to the device and high privileges (PR:H), with low attack complexity and no user interaction needed. A privileged local attacker could leverage this improper access control in the home screen widget module to execute arbitrary code or manipulate system resources, potentially leading to high confidentiality loss (e.g., data exposure), integrity violations (e.g., data tampering), and availability disruption (e.g., denial of service).

Huawei's security bulletin at https://consumer.huawei.com/en/support/bulletin/2025/1/ provides details on affected devices and recommends applying the available patches or updates to mitigate the vulnerability. Security practitioners should verify device firmware versions against the advisory and enforce privilege restrictions to limit exposure.

Details

CWE(s)
CWE-94NVD-CWE-Other

Affected Products

huawei
emui
12.0.0, 13.0.0, 14.0.0
huawei
harmonyos
2.0.0, 2.1.0, 3.0.0, 3.1.0, 4.0.0

CVEs Like This One

CVE-2026-34853Same product: Huawei Emui
CVE-2026-28542Same product: Huawei Emui
CVE-2023-52953Same product: Huawei Emui
CVE-2024-56438Same product: Huawei Emui
CVE-2024-56442Same product: Huawei Emui
CVE-2024-56434Same product: Huawei Emui
CVE-2024-57958Same product: Huawei Emui
CVE-2024-56447Same product: Huawei Emui
CVE-2026-34859Same product: Huawei Emui
CVE-2024-57961Same product: Huawei Emui

References