← back
CVE-2023-39388

CVE-2023-39388

EPSS 0.4%CWE-120CWE-1285
In short

The PMS module doesn't properly check user input before using it, which can cause the home screen to stop working. An attacker can exploit this by sending specially crafted input to disable important functionality.

Technical detail

CWE-120 (buffer overflow) and CWE-1285 (improper validation) in the PMS module allow unauthenticated or authenticated attackers to send malformed input parameters that bypass validation checks, resulting in denial of service affecting the home screen availability.

Summary generated and translated by AI from the official description.
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
Affected products
Huawei · EMUIHuawei · HarmonyOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://consumer.huawei.com/en/support/bulletin/2023/8/https://device.harmonyos.com/en/docs/security/update/security-bulletins-202308-0000001667644725