CVSS 3.1 Score 7.8 of 10 (high)


Published Nov 20, 2023
Updated: Nov 24, 2023
CWE ID 281


CVE-2023-43612 is a cyber vulnerability found in OpenHarmony v3.2.2 and earlier versions, affecting multiple products such as qYlmC-, qYlmC_, phEj9c, qYlmDU, and more. This vulnerability allows a local attacker to gain arbitrary file read and write access due to improper preservation of permissions. The risk score for this vulnerability is 27, indicating a high severity level. The exploitability score is 1.8, with low privileges required and no user interaction needed. The attack vector is local, and both the integrity and confidentiality impacts are rated as high. Remediation measures should be taken to mitigate the potential danger this vulnerability poses to organizations using OpenHarmony software.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-43612 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options