Vulnerability Details CVE-2023-44116
Vulnerability of access permissions not being strictly verified in the APPWidget module.Successful exploitation of this vulnerability may cause some apps to run without being authorized.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 9.8
References
- https://consumer.huawei.com/en/support/bulletin/2023/10/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540
- https://consumer.huawei.com/en/support/bulletin/2023/10/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540
Products affected by CVE-2023-44116
-
cpe:2.3:o:huawei:emui:11.0.1
-
cpe:2.3:o:huawei:emui:12.0.0
-
cpe:2.3:o:huawei:emui:12.0.1
-
cpe:2.3:o:huawei:emui:13.0.0
-
cpe:2.3:o:huawei:harmonyos:2.0.0
-
cpe:2.3:o:huawei:harmonyos:2.0.1
-
cpe:2.3:o:huawei:harmonyos:2.1.0
-
cpe:2.3:o:huawei:harmonyos:3.0.0
-
cpe:2.3:o:huawei:harmonyos:3.1.0
-
cpe:2.3:o:huawei:harmonyos:4.0.0