CVE-2023-39400

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 13, 2023

Updated: Aug 17, 2023

CWE ID 22

Summary

CVE-2023-39400 is a parameter verification vulnerability that affects the installd module. An attacker who successfully exploits this flaw can cause unauthorized read and write access to sandbox files. This vulnerability poses a potential risk for data breaches or system compromise, emphasizing the importance of patching affected systems promptly. Bypassing the expected input validation, an adversary can manipulate input data to execute malicious commands, resulting in unwanted file access or modification.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sK-rWl
https://www.cve.org/CVERecord?id=CVE-2023-39400
https://nvd.nist.gov/vuln/detail/CVE-2023-39400

Back to Vulnerability Database