Unrated severityNVD Advisory· Published Mar 16, 2026· Updated Mar 16, 2026
arkcompiler_ets_runtime has a type confusion vulnerability
CVE-2025-25277
Description
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted scenarios.
Affected products
2<=5.1.0+ 1 more
- (no CPE)range: <=5.1.0
- (no CPE)range: v5.0.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.