CVE-2024-22177

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Apr 2, 2024

CWE ID 281

Summary

CVE-2024-22177 is a vulnerability affecting OpenHarmony versions 3.2.4 and earlier. This issue permits local attackers to cause apps to crash by manipulating permission requests. By exploiting this vulnerability, an attacker can potentially gain unintended control over application behavior, leading to denial of service or potentially more serious consequences. The exact cause of the issue lies within the OpenHarmony permission handling mechanism, providing an opportunity for attackers to manipulate app behavior without proper authorization. Users are strongly encouraged to update their OpenHarmony installations to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uDIQ4G
https://www.cve.org/CVERecord?id=CVE-2024-22177
https://nvd.nist.gov/vuln/detail/CVE-2024-22177

Back to Vulnerability Database

CVE-2024-22177

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations