CVE-2023-0036

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Configurations

Configuration 1

cpe:2.3:a:openharmony:openharmony:*:*:*:*:lts:*:*:*

Information

Published : 2023-01-09 03:15

Updated : 2023-01-12 08:57


NVD link : CVE-2023-0036

Mitre link : CVE-2023-0036

Products Affected
CWE
CWE-294

Authentication Bypass by Capture-replay