CVE-2023-44105Improper Privilege Management in Huawei Emui

CWE-269Improper Privilege Management3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.1%
top 77.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedOct 11

Description

Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3
CVEListV5huawei/harmonyos6 versions+5
NVDhuawei/harmonyos6 versions+5

🔴Vulnerability Details

2
CVEList
CVE-2023-44105: Vulnerability of permissions not being strictly verified in the window management module2023-10-11
GHSA
GHSA-rgjq-vpr7-3hfm: Vulnerability of permissions not being strictly verified in the window management module2023-10-11
CVE-2023-44105 — Improper Privilege Management | cvebase