CVE-2023-39399

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 13, 2023
Updated: Aug 17, 2023
CWE ID 275

Summary

CVE-2023-39399 is a parameter verification vulnerability affecting the installd module. This issue allows unauthorized reading and writing of sandbox files due to insufficient validation of user input. An attacker who successfully exploits this vulnerability can potentially gain unintended access to sensitive information or modify files outside of the intended sandbox environment. This weakness could lead to significant security implications, emphasizing the importance of applying the necessary patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • HarmonyOS
  • Huawei EMUI

Affected Vendors

  • Huawei Technologies