CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39408
https://notcve.org/view.php?id=CVE-2023-39408
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart. Vulnerabilidad DoS en el módulo PMS. La explotación exitosa de esta vulnerabilidad puede hacer que el sistema se reinicie. • https://consumer.huawei.com/en/support/bulletin/2023/9 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-39404
https://notcve.org/view.php?id=CVE-2023-39404
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39403
https://notcve.org/view.php?id=CVE-2023-39403
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-285: Improper Authorization CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39402
https://notcve.org/view.php?id=CVE-2023-39402
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-39401
https://notcve.org/view.php?id=CVE-2023-39401
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. • https://consumer.huawei.com/en/support/bulletin/2023/8 https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •