CVE-2023-39407

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Sep 25, 2023

CWE ID 22

Summary

CVE-2023-39407 is a vulnerability affecting the Watchkit, which presents a risk of unauthorized file access. If exploited, attackers could gain unauthorized access to sensitive files, compromising both confidentiality and integrity. The precise nature of the vulnerability lies in inadequate file access controls. This issue underlines the importance of applying timely security patches and implementing access control best practices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sK-X4c
https://www.cve.org/CVERecord?id=CVE-2023-39407
https://nvd.nist.gov/vuln/detail/CVE-2023-39407

Back to Vulnerability Database