OpenHarmony v3.2.2 and Prior Versions: Local Attacker Exploits Incorrect Default Permissions to Access Confidential Information and Rewrite Sensitive Files

CVE-2023-3116 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions.

Learn more about our Web Application Penetration Testing UK.