CVE-2023-0036: platform_callback_stub in misc subsystem has an authentication bypass vulnerability which allows an "SA relay attack".
First published: Mon Jan 09 2023(Updated: )
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Credit: scy@openharmony.io scy@openharmony.io
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openharmony Openharmony | >=3.0<=3.0.5 | |
| >=3.0<=3.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-0036?
CVE-2023-0036 refers to a vulnerability in OpenHarmony-v3.0.5 and prior versions that allows an authentication bypass leading to an "SA relay attack".
How severe is CVE-2023-0036?
CVE-2023-0036 has a severity value of 7.8, which is considered high.
What is the affected software for CVE-2023-0036?
The affected software for CVE-2023-0036 is OpenHarmony-v3.0.5 and prior versions.
How can local attackers exploit CVE-2023-0036?
Local attackers can exploit CVE-2023-0036 by bypassing authentication and attacking other SAs with high privilege.
Is there a fix for CVE-2023-0036?
At the time of writing, there is no information available regarding a specific fix for CVE-2023-0036. It is recommended to follow the official vendor's security advisories for updates.
- collector/nvd-index
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/title
- agent/description
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/openharmony
- canonical/openharmony openharmony
- version/openharmony openharmony/3.0
- version/openharmony openharmony/3.0.5
- vendor/openatom