CVE-2023-25176
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-25176 is a newly disclosed vulnerability affecting OpenHarmony versions 3.2.4 and prior. A local attacker can exploit this issue, classified as an out-of-bounds read vulnerability, to leak sensitive information from the affected system. Successful exploitation does not require privileged access or network connectivity beyond the local host, making it a significant threat for organizations and individuals using OpenHarmony. The vulnerability stems from improper input validation, allowing attackers to read memory beyond designated boundaries. To mitigate this risk, it is recommended that users update to the latest OpenHarmony version as soon as possible, implementing relevant security patches to protect against potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.