Vulnerability Details CVE-2022-42463
OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.8%
CVSS Severity
CVSS v3 Score 8.3
References
Products affected by CVE-2022-42463
-
cpe:2.3:a:openharmony:openharmony:3.1
-
cpe:2.3:a:openharmony:openharmony:3.1.1
-
cpe:2.3:a:openharmony:openharmony:3.1.2