CVE-2023-42774

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 20, 2023

Updated: Nov 24, 2023

CWE ID 276

Summary

CVE-2023-42774 is a vulnerability affecting OpenHarmony versions 3.2.2 and earlier. This issue stems from incorrect default permissions, which enables a local attacker to gain unauthorized access to confidential information. This security flaw poses a significant risk as it allows unintended access to sensitive data, potentially leading to data breaches or further exploitation. The vulnerability can be mitigated by applying the necessary patches or updates to the affected OpenHarmony systems to correct the permissions issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Openharmony

Affected Vendors

Open Harmony

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tSjuKr
https://www.cve.org/CVERecord?id=CVE-2023-42774
https://nvd.nist.gov/vuln/detail/CVE-2023-42774

Back to Vulnerability Database