CVE-2023-46705

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 20, 2023

Updated: Nov 24, 2023

CWE ID 843

Summary

CVE-2023-46705 is a vulnerability affecting OpenHarmony versions 3.2.2 and earlier. A local attacker can exploit this type confusion issue to cause system information leakage, potentially exposing sensitive data. The vulnerability occurs due to improper handling of data types within the OpenHarmony operating system. Successful exploitation requires local access, making it a significant concern for organizations with vulnerable systems. Users are advised to update their OpenHarmony installations as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Openharmony

Affected Vendors

Open Harmony

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tSjpVE
https://www.cve.org/CVERecord?id=CVE-2023-46705
https://nvd.nist.gov/vuln/detail/CVE-2023-46705

Back to Vulnerability Database