CVE-2024-54112

5.5 MEDIUM

📋 TL;DR

This CVE describes a cross-process screen stack vulnerability in Huawei's UIExtension module that could allow unauthorized access to screen content across application boundaries. It affects Huawei devices running vulnerable software versions. Successful exploitation could lead to information disclosure of sensitive visual data.

💻 Affected Systems

Products:
  • Huawei smartphones and tablets
Versions: Specific versions not detailed in reference; check Huawei security bulletin for exact affected versions
Operating Systems: HarmonyOS, Android-based Huawei EMUI
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with UIExtension module enabled (typically enabled by default). Exact device models not specified in available reference.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could capture sensitive screen content from other applications, potentially exposing confidential information such as passwords, financial data, or private communications.

🟠 Likely Case

Limited information leakage from background applications or system UI elements, potentially exposing some user interface data but not full application content.

🟢 If Mitigated

With proper sandboxing and process isolation controls, exploitation would be limited to non-sensitive system UI elements only.

🌐 Internet-Facing: LOW - This vulnerability requires local access or malware installation on the device.
🏢 Internal Only: MEDIUM - Malicious apps or compromised user accounts could exploit this vulnerability to access screen content from other applications.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires malicious app installation or local access to the device. No public exploit code identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletin for specific patched versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2024/12/

Restart Required: Yes

Instructions:

1. Check the Huawei security bulletin for affected device models and versions.
2. Apply the latest security updates via Settings > System & updates > Software update.
3. Restart the device after the update completes.

🔧 Temporary Workarounds

Disable unnecessary app permissions (Applies to: all)

Review and restrict screen overlay or accessibility permissions for untrusted applications.

Settings > Apps > [App Name] > Permissions > Disable 'Display over other apps' or similar permissions

Install apps only from trusted sources (Applies to: all)

Prevent installation of potentially malicious applications that could exploit this vulnerability.

Settings > Security > Install unknown apps > Disable for all browsers and app sources

🧯 If You Can't Patch

  • Implement strict application whitelisting policies
  • Use mobile device management (MDM) solutions to control app installations and permissions

🔍 How to Verify

Check if Vulnerable:

Check the device model and software version against the Huawei security bulletin: Settings > About phone > check model and build number.

Check Version:

Settings > About phone > Build number / Software version

Verify Fix Applied:

Verify that the installed software version matches or exceeds the patched version listed in the Huawei security advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unusual UIExtension process activity
  • Multiple cross-process screen access attempts
  • Abnormal permission requests for screen capture

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable for typical mobile device deployments
