← Back

CVE-2023-41310

nvd nist
Published: Sep 27, 2023Modified: Nov 21, 2024

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.

Affected (10)

Products: Huawei: Emui, Harmonyos
Huawei
2 products
Emui
Harmonyos
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Huawei
Emui
Version 11.0.1
Emui
Version 12.0.1
Emui
Version 12.0
Emui
Version 13.0.0
Huawei
Harmonyos
Version 2.0.0
Harmonyos
Version 2.0.1
Harmonyos
Version 2.1.0
Harmonyos
Version 3.0.0
Harmonyos
Version 3.1.0
Harmonyos
Version 4.0.0

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

Source: psirt@huawei.com
Vendor Advisory
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.