exploitDog

GHSA-rjp6-whc2-47rm

Опубликовано: 14 окт. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.

Ссылки

EPSS

Процентиль: 16%

0.0005

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-42488

CVSS3: 8.4

nvd

больше 3 лет назад

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.

EPSS

Процентиль: 16%

0.0005

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-862