CVE-2023-0035

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Configurations

Configuration 1

cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:*

Information

Published : 2023-01-09 03:15

Updated : 2023-01-12 09:01


NVD link : CVE-2023-0035

Mitre link : CVE-2023-0035

Products Affected
CWE
CWE-294

Authentication Bypass by Capture-replay