Vulnerability Details CVE-2023-0036
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.4%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-0036
-
cpe:2.3:o:openatom:openharmony:3.0
-
cpe:2.3:o:openatom:openharmony:3.0.1
-
cpe:2.3:o:openatom:openharmony:3.0.2
-
cpe:2.3:o:openatom:openharmony:3.0.3
-
cpe:2.3:o:openatom:openharmony:3.0.5