CVE-2026-34859

Medium

Published: 13 April 2026

Published

13 April 2026

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0001 0.3th percentile

Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-34859 is a medium-severity Use After Free (CWE-416) vulnerability in Huawei Harmonyos. Its CVSS base score is 5.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the specific Use-After-Free vulnerability in the kernel module through timely identification, reporting, and correction of the flaw.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms that restrict unauthorized access to deallocated kernel memory, directly preventing UAF exploitation.

CM-6 Configuration Settings partial match

prevent

Enforces secure kernel configuration settings, such as ASLR and other hardening parameters, to mitigate exploitation of the UAF vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Local kernel use-after-free vulnerability with no privileges required directly enables exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

Deeper analysisAI

CVE-2026-34859 is a Use-After-Free (UAF) vulnerability, classified under CWE-416, in the kernel module. Published on 2026-04-13T05:16:03.810, it carries a CVSS v3.1 base score of 5.9 (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). Successful exploitation affects availability and confidentiality.

A local attacker requires no privileges and can exploit the vulnerability with low attack complexity and no user interaction. Exploitation enables low impacts on confidentiality, integrity, and availability.

Huawei advisories detail mitigations at https://consumer.huawei.com/en/support/bulletin/2026/4/ and https://consumer.huawei.com/en/support/bulletinvision/2026/4/.

Details

CWE(s): CWE-416

Affected Products

huawei

harmonyos

4.2.0, 4.3.0

huawei

emui

14.2.0, 15.0.0

CVEs Like This One

CVE-2024-56434Same product: Huawei Emui

CVE-2024-56447Same product: Huawei Emui

CVE-2024-57961Same product: Huawei Emui

CVE-2024-57959Same product: Huawei Emui

CVE-2024-58043Same product: Huawei Emui

CVE-2024-58044Same product: Huawei Emui

CVE-2024-56449Same product: Huawei Emui

CVE-2026-34854Same product: Huawei Emui

CVE-2026-28542Same product: Huawei Emui

CVE-2026-24930Same product: Huawei Harmonyos

References

https://consumer.huawei.com/en/support/bulletin/2026/4/
Vendor Advisory · psirt@huawei.com
https://consumer.huawei.com/en/support/bulletinvision/2026/4/
Vendor Advisory · psirt@huawei.com