CVE-2023-0117

2023-05-2600:00:00

huawei

www.cve.org

cve-2023-0117

hwkitassistant

identity verification

exploitation

availability

meetime

5.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.4%

JSON

The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime.

CNA Affected

[
  {
    "vendor": "Huawei",
    "product": "HarmonyOS",
    "versions": [
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.0.0",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Huawei",
    "product": "EMUI",
    "versions": [
      {
        "version": "13.0.0",
        "status": "affected"
      }
    ]
  }
]

References

consumer.huawei.com/en/support/bulletin/2023/5/