CVE-2022-42463 Information

Description

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbus_server in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary commands.

Reference

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md