Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
Apache Kafka Service Permission Bypass Allows Unauthorized Access
CVE-2026-28542
Summary
Apache Kafka users should be aware that a permission bypass bug in the system service framework could let an attacker access data they shouldn't. This could lead to data unavailability. Kafka administrators should review and update their configurations to prevent unauthorized access.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| huawei | emui | 13.0.0 | – |
| huawei | emui | 14.0.0 | – |
| huawei | emui | 14.2.0 | – |
| huawei | harmonyos | 3.1.0 | – |
| huawei | harmonyos | 4.0.0 | – |
| huawei | harmonyos | 4.2.0 | – |
Original title
Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
Original description
Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability.
nvd CVSS3.1
5.5
Vulnerability type
CWE-755
- https://consumer.huawei.com/en/support/bulletin/2026/3/ Vendor Advisory
- https://consumer.huawei.com/en/support/bulletinwearables/2026/3/ Vendor Advisory
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026