CVE-2025-41432

Name of the Vulnerable Software and Affected Versions OpenHarmony versions prior to 5.1.0

Description The software contains a flaw that allows a local attacker to execute arbitrary code within pre-installed applications. This is achieved through an out-of-bounds write condition. Exploitation of this issue is limited to restricted scenarios. The vulnerable component is arkcompiler ets runtime.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.