CVE-2022-38081

Summary

OpenHarmony-v3.1.2 and prior versions have a permission bypass vulnerability. LAN attackers can bypass the distributed permission control.To take advantage of this weakness, attackers need another vulnerability to obtain system.

Affected Software

VendorProductVersion RangeStatus
OpenHarmonyOpenHarmonyOpenHarmony-v3.1.x-Release <= 3.1.2affected

Weaknesses

  • CWE-305: CWE-305 Authentication Bypass by Primary Weakness

ADP Enrichment

CVE Program Container

Additional References

References