CVE-2023-52373

Vulnerability of permission verification in the content sharing pop-up module.Successful exploitation of this vulnerability may cause unauthorized file sharing.

Weakness

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

Affected Software

Name	Vendor	Start Version	End Version
Emui	Huawei	12.0.0 (including)	12.0.0 (including)
Emui	Huawei	13.0.0 (including)	13.0.0 (including)
Harmonyos	Huawei	2.0.0 (including)	2.0.0 (including)
Harmonyos	Huawei	2.1.0 (including)	2.1.0 (including)
Harmonyos	Huawei	3.0.0 (including)	3.0.0 (including)
Harmonyos	Huawei	3.1.0 (including)	3.1.0 (including)
Harmonyos	Huawei	4.0.0 (including)	4.0.0 (including)

References

https://consumer.huawei.com/en/support/bulletin/2024/2/
https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405
https://consumer.huawei.com/en/support/bulletin/2024/2/
https://device.harmonyos.com/cn/docs/security/update/security-bulletins-202402-0000001834855405

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-52373
CWE	https://cwe.mitre.org/data/definitions/281.html

Improper Preservation of Permissions

Weakness

Affected Software

References