CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0035

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.4%

CVSS Severity

CVSS v3 Score 6.5

References

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-01.md
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-01.md

Products affected by CVE-2023-0035

Openatom » Openharmony » Version: 3.0

cpe:2.3:o:openatom:openharmony:3.0
Openatom » Openharmony » Version: 3.0.1

cpe:2.3:o:openatom:openharmony:3.0.1
Openatom » Openharmony » Version: 3.0.2

cpe:2.3:o:openatom:openharmony:3.0.2
Openatom » Openharmony » Version: 3.0.3

cpe:2.3:o:openatom:openharmony:3.0.3
Openatom » Openharmony » Version: 3.0.5

cpe:2.3:o:openatom:openharmony:3.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0035

Products

Pricing

Contact Us