CVE-2023-41310 — Uncontrolled Resource Consumption in Huawei Emui

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 89.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Emui Huawei Harmonyos

Timeline

PublishedSep 27

Description

Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5huawei/emui4 versions+3

▶NVDhuawei/emui4 versions+3

▶CVEListV5huawei/harmonyos6 versions+5

▶NVDhuawei/harmonyos6 versions+5

🔴Vulnerability Details

GHSA

GHSA-p892-cj2f-7wjx: Keep-alive vulnerability in the sticky broadcast mechanism↗2023-09-27

▶

CVEList

CVE-2023-41310: Keep-alive vulnerability in the sticky broadcast mechanism↗2023-09-26

▶