CVE-2024-56442

CVE-2024-56442 is a vulnerability in the NFC service module stemming from native APIs not being implemented, which can lead to abnormal feature performance upon exploitation. This issue affects Huawei consumer devices, as indicated by the vendor's security bulletin. The vulnerability is rated with a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-227 (Incomplete Action) and NVD-CWE-noinfo. It was published on January 8, 2025.

Exploitation requires local access to the affected device with low privileges and low attack complexity, with no user interaction needed. A successful attack results in high-impact availability disruption, causing features to perform abnormally, effectively enabling a denial-of-service condition without compromising confidentiality or integrity.

Huawei's security bulletin at https://consumer.huawei.com/en/support/bulletin/2025/1/ provides details on mitigation, likely including patches or updates for affected devices. Security practitioners should direct users to apply vendor-recommended fixes promptly to address this local privilege escalation risk in the NFC service.