CVE-2023-39398

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 13, 2023

Updated: Aug 17, 2023

CWE ID 275

Summary

CVE-2023-39398 is a parameter verification vulnerability affecting the installd module. An attacker can exploit this vulnerability by passing unverified user input, potentially allowing for unauthorized read and write access to sandbox files. This issue poses a significant risk, as it may lead to sensitive data exposure or system modification. Users are highly encouraged to apply the necessary patches or updates as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sK-V7K
https://www.cve.org/CVERecord?id=CVE-2023-39398
https://nvd.nist.gov/vuln/detail/CVE-2023-39398

Back to Vulnerability Database