CVE-2023-39403Improperly Implemented Security Check for Standard in Huawei Emui

CWE-358Improperly Implemented Security Check for StandardCWE-285Improper Authorization3 documents3 sources
Severity
9.1CRITICALNVD
EPSS
0.1%
top 82.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedAug 13

Description

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3
CVEListV5huawei/harmonyos5 versions+4
NVDhuawei/harmonyos5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-4625-9rv5-g3gm: Parameter verification vulnerability in the installd module2023-08-13
CVEList
CVE-2023-39403: Parameter verification vulnerability in the installd module2023-08-13
CVE-2023-39403 — Huawei Emui vulnerability | cvebase