Medium severity6.5NVD Advisory· Published Jan 9, 2023· Updated Jun 17, 2026
CVE-2023-0036
CVE-2023-0036
Description
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
Affected products
2<=3.0.5+ 1 more
- (no CPE)range: <=3.0.5
- (no CPE)range: 3.0
Patches
Vulnerability mechanics
References
1- gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-01.mdnvdThird Party Advisory
News mentions
0No linked articles in our index yet.