CVE-2023-41304

Published: Oct 11, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window.

Affected (4)

Products: Huawei: Harmonyos, Emui

Huawei

2 products

Harmonyos

Emui

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Huawei Harmonyos	Version 3.0.0
Huawei Harmonyos	Version 3.1.0
Huawei Harmonyos	Version 4.0.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Huawei Emui	Version 13.0.0

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (4)

https://consumer.huawei.com/en/support/bulletin/2023/10/

Source: psirt@huawei.com

Vendor Advisory

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540

Source: psirt@huawei.com

Vendor Advisory

https://consumer.huawei.com/en/support/bulletin/2023/10/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.