CVE-2023-39380

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 13, 2023
Updated: Aug 17, 2023
CWE ID 287
CWE ID 264

Summary

CVE-2023-39380 is a newly identified permission control vulnerability that affects the audio module. This issue allows unauthorized users to manipulate audio device settings, potentially leading to abnormal behavior. Successful exploitation could result in unexpected audio output, causing disruptions or privacy concerns. The vulnerability underscores the importance of implementing robust access controls to prevent unauthorized modifications to critical system components. Users are encouraged to apply patches as soon as they become available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • HarmonyOS
  • Huawei EMUI

Affected Vendors

  • Huawei Technologies