CVE-2023-26547

Description

The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

Related CPE's

ohuaweiharmonyos2.0*******

ohuaweiemui11.0.1*******

ohuaweiemui12.0.0*******

ohuaweiharmonyos2.1*******

ohuaweiharmonyos3.0.0*******

ohuaweiemui12.0.1*******

ohuaweiharmonyos2.0.1*******

ohuaweiharmonyos3.1.0*******

ohuaweiemui13.0.0*******

References

https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505

Vendor Advisory

https://consumer.huawei.com/en/support/bulletin/2023/3/

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io