CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-23240

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.8%

CVSS Severity

CVSS v3 Score 3.8

References

https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md

Products affected by CVE-2025-23240

Openatom » Openharmony » Version: 4.1.0

cpe:2.3:o:openatom:openharmony:4.1.0
Openatom » Openharmony » Version: 4.1.1

cpe:2.3:o:openatom:openharmony:4.1.1
Openatom » Openharmony » Version: 4.1.2

cpe:2.3:o:openatom:openharmony:4.1.2
Openatom » Openharmony » Version: 4.1.3

cpe:2.3:o:openatom:openharmony:4.1.3
Openatom » Openharmony » Version: 5.0

cpe:2.3:o:openatom:openharmony:5.0
Openatom » Openharmony » Version: 5.0.1

cpe:2.3:o:openatom:openharmony:5.0.1
Openatom » Openharmony » Version: 5.0.2

cpe:2.3:o:openatom:openharmony:5.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-23240

Products

Pricing

Contact Us