CVE-2023-46708
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Mar 4, 2024
CWE ID 416
Summary
CVE-2023-46708 is a new vulnerability affecting OpenHarmony version 3.2.4 and earlier releases. This issue grants local attackers the ability to execute arbitrary code in any apps through a use-after-free condition. By manipulating memory in a specific way, an attacker can trigger the vulnerability and inject malicious code, potentially leading to a compromise of the affected system. This vulnerability poses a significant risk to users running affected versions of OpenHarmony and requires immediate attention to apply the available patches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share