CVE-2023-0083

Summary

The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions,

OpenHarmony-v3.0.7 and prior versions

has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.

Affected Software

VendorProductVersion RangeStatus
OpenHarmonyOpenHarmony3.0 <= 3.0.7affected
OpenHarmonyOpenHarmony3.1 <= 3.1.5affected

Weaknesses

  • CWE-843: CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References