CVE-2023-49240

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 6, 2023

Updated: Dec 11, 2023

CWE ID 863

CWE ID 601

Summary

CVE-2023-49240 is a newly discovered vulnerability affecting the launcher module. Malicious actors can exploit this unauthorized access flaw to bypass intended access restrictions, potentially compromising service confidentiality. The vulnerability's impact goes beyond authorized users, posing a significant risk to system security. The exact cause of the issue remains undisclosed, but affected organizations are urged to apply the forthcoming patches to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HarmonyOS
Huawei EMUI

Affected Vendors

Huawei Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tiwcGt
https://www.cve.org/CVERecord?id=CVE-2023-49240
https://nvd.nist.gov/vuln/detail/CVE-2023-49240

Back to Vulnerability Database