Harmonyos Security Vulnerabilities - 2023

CVE-2023-46762

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46763

Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.

CVE-2023-46764

Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.

CVE-2023-46765

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

CVE-2023-46766

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46767

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

CVE-2023-46768

Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-46769

Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-46770

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones.

CVE-2023-46771

Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-46773

Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.

CVE-2023-46774

Vulnerability of uncaught exceptions in the NFC module. Successful exploitation of this vulnerability can affect NFC availability.

CVE-2023-49239

Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49240

Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49241

API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49242

Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49243

Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49244

Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49245

Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49246

Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49247

Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-49248

Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.

CVE-2023-5801

Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.

CVE-2023-6273

Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally.