CVE-2026-41972

Vulnerability

A path traversal vulnerability exists within the SMS application on specific Huawei devices. This vulnerability allows for manipulation of file paths, potentially impacting the application's normal operation. Affected versions include HarmonyOS 6.1.0, HarmonyOS 6.0.0, and HarmonyOS 5.1.0 [1].

Exploitation

Details regarding the specific conditions or steps required for an attacker to exploit this path traversal vulnerability are not yet disclosed in the available references. Further information on required privileges, user interaction, or network position is needed to fully understand the exploitation vector.

Impact

Successful exploitation of this path traversal vulnerability may affect the availability of the SMS application and potentially the device's overall stability. The exact scope and severity of the impact beyond availability are not detailed in the provided references [1].

Mitigation

HUAWEI is releasing monthly security updates. This vulnerability is addressed in security updates for June 2026. Users are advised to update their devices to the latest available version to patch this vulnerability. Specific patch versions and release dates are detailed in HUAWEI's security bulletins [1].