Design/Logic Flaw

2023-06-1607:15:00

PRIOn knowledge base

www.prio-n.com

unauthorized access

vulnerability

save for later

ai touch

third-party apps

forge a uri

zero permissions

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.1%

JSON

Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions.

CPENameOperatorVersion
harmonyoseq2.1

CPE	Name	Operator	Version
	harmonyos	eq	2.1

References

device.harmonyos.com/en/docs/security/update/security-bulletins-202306-0000001560777672