CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-25947

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.2%

CVSS Severity

CVSS v3 Score 6.2

References

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-03.md
https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-03.md

Products affected by CVE-2023-25947

Openatom » Openharmony » Version: 3.1

cpe:2.3:o:openatom:openharmony:3.1
Openatom » Openharmony » Version: 3.1.1

cpe:2.3:o:openatom:openharmony:3.1.1
Openatom » Openharmony » Version: 3.1.2

cpe:2.3:o:openatom:openharmony:3.1.2
Openatom » Openharmony » Version: 3.1.3

cpe:2.3:o:openatom:openharmony:3.1.3
Openatom » Openharmony » Version: 3.1.4

cpe:2.3:o:openatom:openharmony:3.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-25947

Products

Pricing

Contact Us