Authentication Bypass Vulnerability in OpenHarmony-v3.1.2 and Prior Versions: Exploiting Softbus_server Callback Handler Function

Authentication Bypass Vulnerability in OpenHarmony-v3.1.2 and Prior Versions: Exploiting Softbus_server Callback Handler Function

CVE-2022-42463 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands.

Learn more about our Cis Benchmark Audit For Server Software.