softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an SA relay attack.Local attackers can bypass authentication and attack other SAs with high privilege.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openharmony | Openatom | 3.0 (including) | 3.0.5 (including) |