CVE-2023-0117

Summary

The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime.

Affected Software

VendorProductVersion RangeStatus
HuaweiHarmonyOS3.1.0affected
HuaweiHarmonyOS3.0.0affected
HuaweiEMUI13.0.0affected

Weaknesses

  • Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References