Skip to main content

CVE-2023-0035

Description

softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

nvd
CVE ID: CVE-2023-0035
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8
openharmony
CVE ID: CVE-2023-0035
Base Score: 6.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Impact Score: 4.0
Exploitability Score: 2.0

Refrence: NVDMITRE