Lucene search
China National Vulnerability DatabaseCNVD-2023-70288HistoryAug 12, 2023 - 12:00 a.m.
Huawei HarmonyOS Security Restriction Bypass Vulnerability (CNVD-2023-70288)
2023-08-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
huawei
harmonyos
security vulnerability
restriction bypass
osulogin
insecure signatures
malicious modifications
cnvd-2023-70288
0.0005 Low
EPSS
Percentile
17.8%
Huawei HarmonyOS is an operating system from Huawei (China). It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security restriction bypass vulnerability that stems from the use of insecure signatures in the osulogin module, which can be exploited by an attacker to cause osulogin to be overwritten by malicious modifications.
| CPE | Name | Operator | Version |
|---|---|---|---|
| huawei harmonyos | eq | 2.0.1 | |
| huawei harmonyos | eq | 3.0.0 | |
| huawei harmonyos | eq | 3.1.0 |
Related
cvelist
cvelist
CVE-2023-39392
2023-08-13 11:33:13
nvd
nvd
CVE-2023-39392
2023-08-13 12:15:46
cve
cve
CVE-2023-39392
2023-08-13 12:15:46
prion
prion
Design/Logic Flaw
2023-08-13 12:15:00