CVE-2023-39401

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 13, 2023

Updated: Aug 17, 2023

CWE ID 22

Summary

CVE-2023-39401 is a parameter verification vulnerability affecting the installd module. This issue allows unauthorized read and write access to sandbox files, increasing the risk of data breaches or unintended system modifications. Attackers can potentially exploit this vulnerability to gain elevated privileges or execute malicious code. The vulnerability underscores the importance of rigorous input validation and access control measures to protect systems and maintain the integrity of critical applications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sK-RTX
https://www.cve.org/CVERecord?id=CVE-2023-39401
https://nvd.nist.gov/vuln/detail/CVE-2023-39401

Back to Vulnerability Database