CVE-2023-43612

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 20, 2023

Updated: Nov 24, 2023

CWE ID 281

Summary

CVE-2023-43612 is a vulnerability affecting OpenHarmony version 3.2.2 and earlier releases. This issue enables a local attacker to perform arbitrary file read and write operations due to improper permission preservation. The vulnerability can lead to significant data exposure or unintended modifications, posing a serious security risk. OpenHarmony users are strongly advised to upgrade to a patched version to mitigate this threat. Failure to address this vulnerability can result in potential data breaches or system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Openharmony

Affected Vendors

Open Harmony

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tSjwVa
https://www.cve.org/CVERecord?id=CVE-2023-43612
https://nvd.nist.gov/vuln/detail/CVE-2023-43612

Back to Vulnerability Database