CVE-2023-4565Incorrect Permission Assignment in Huawei Emui

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 78.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei EmuiHuawei Harmonyos
Timeline
PublishedSep 27

Description

Broadcast permission control vulnerability in the framework module. Successful exploitation of this vulnerability may cause the hotspot feature to be unavailable.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

CVEListV5huawei/emui4 versions+3
NVDhuawei/emui4 versions+3
CVEListV5huawei/harmonyos6 versions+5
NVDhuawei/harmonyos6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-7j2v-cmgf-h8vx: Broadcast permission control vulnerability in the framework module2023-09-27
CVEList
CVE-2023-4565: Broadcast permission control vulnerability in the framework module2023-09-26
CVE-2023-4565 — Incorrect Permission Assignment | cvebase