softbus_client_stub in communication subsystem within...
High severity
Unreviewed
Published
Jan 9, 2023
to the GitHub Advisory Database
•
Updated Sep 9, 2024
Description
Published by the National Vulnerability Database
Jan 9, 2023
Published to the GitHub Advisory Database
Jan 9, 2023
Last updated
Sep 9, 2024
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.
References