CVE-2023-46708

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 4, 2024

CWE ID 416

Summary

CVE-2023-46708 is a new vulnerability affecting OpenHarmony version 3.2.4 and earlier releases. This issue grants local attackers the ability to execute arbitrary code in any apps through a use-after-free condition. By manipulating memory in a specific way, an attacker can trigger the vulnerability and inject malicious code, potentially leading to a compromise of the affected system. This vulnerability poses a significant risk to users running affected versions of OpenHarmony and requires immediate attention to apply the available patches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tl8NM4
https://www.cve.org/CVERecord?id=CVE-2023-46708
https://nvd.nist.gov/vuln/detail/CVE-2023-46708

Back to Vulnerability Database

CVE-2023-46708

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations