CVE-2023-44097

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 11, 2023

Updated: Oct 16, 2023

CWE ID 200

Summary

CVE-2023-44097 is a vulnerability that exposes the confidentiality of a service due to improper management of permissions to access device Serial Numbers (SNs). The vulnerability allows unauthorized access to SNs, potentially enabling attackers to gain sensitive information or impersonate devices within the affected system. This issue underscores the importance of proper access control for critical system information to maintain data privacy and security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sybmBC
https://www.cve.org/CVERecord?id=CVE-2023-44097
https://nvd.nist.gov/vuln/detail/CVE-2023-44097

Back to Vulnerability Database