VYPR
Medium severity6.2NVD Advisory· Published Nov 3, 2022· Updated Jun 17, 2026

CVE-2022-43449

CVE-2022-43449

Description

OpenHarmony-v3.1.2 and prior versions had an Arbitrary file read vulnerability via download_server. Local attackers can install an malicious application on the device and reveal any file from the filesystem that is accessible to download_server service which run with UID 1000.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.