Lucene search

[email protected]CVE-2023-41306

HistorySep 27, 2023 - 3:19 p.m.

CVE-2023-41306

2023-09-2715:19:28

CWE-362

[email protected]

web.nvd.nist.gov

cve-2023-41306

vulnerability

mutex management

bone voice id

ta module

exploitation

unavailability

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable.

Affected configurations

NVD

Node

huaweiemuiMatch12.0

huaweiemuiMatch12.0.1

huaweiharmonyosMatch2.0.0

huaweiharmonyosMatch2.0.1

CPENameOperatorVersion
huawei:emuihuawei emuieq12.0
huawei:emuihuawei emuieq12.0.1
huawei:harmonyoshuawei harmonyoseq2.0.0
huawei:harmonyoshuawei harmonyoseq2.0.1

CPE	Name	Operator	Version
huawei:emui	huawei emui	eq	12.0
huawei:emui	huawei emui	eq	12.0.1
huawei:harmonyos	huawei harmonyos	eq	2.0.0
huawei:harmonyos	huawei harmonyos	eq	2.0.1

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HarmonyOS",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "2.0.1"
      },
      {
        "status": "affected",
        "version": "2.0.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EMUI",
    "vendor": "Huawei",
    "versions": [
      {
        "status": "affected",
        "version": "12.0.1"
      },
      {
        "status": "affected",
        "version": "12.0.0"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2023/9/

device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2023-41306

cvelist1 prion1 nvd1