CVE-2023-0036 Information

Description

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an \SA relay attack.Local attackers can bypass authentication and attack other SAs with high privilege.

Reference

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-01.md