Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.
Weakness
The product does not validate, or incorrectly validates, a certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Emui | Huawei | 12.0.0 (including) | 12.0.0 (including) |
| Emui | Huawei | 13.0.0 (including) | 13.0.0 (including) |
| Harmonyos | Huawei | 2.0.0 (including) | 2.0.0 (including) |
| Harmonyos | Huawei | 2.1.0 (including) | 2.1.0 (including) |
| Harmonyos | Huawei | 3.0.0 (including) | 3.0.0 (including) |
| Harmonyos | Huawei | 3.1.0 (including) | 3.1.0 (including) |
| Harmonyos | Huawei | 4.0.0 (including) | 4.0.0 (including) |
Potential Mitigations
Related Attack Patterns
References
- https://consumer.huawei.com/en/support/bulletin/2023/12/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245
- https://consumer.huawei.com/en/support/bulletin/2023/12/
- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245