CVE-2023-39390

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 13, 2023

Updated: Aug 17, 2023

CWE ID 20

Summary

CVE-2023-39390 is a vulnerability affecting certain APIs in the window management module. The issue lies in the input parameter verification, which if not properly checked, can lead to a device restart. An attacker who successfully exploits this vulnerability can cause the system to crash, potentially leading to downtime or data loss. It is important for organizations using the affected software to apply the necessary patches to mitigate this risk. Failure to do so may leave their devices vulnerable to denial-of-service attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sK-LOC
https://www.cve.org/CVERecord?id=CVE-2023-39390
https://nvd.nist.gov/vuln/detail/CVE-2023-39390

Back to Vulnerability Database