Home > Vulnerability Database > CVE-2022-44455

Mend.io Vulnerability Database

CVE-2022-44455

Good to know:

Date: December 7, 2022

The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged malicious application would be able to gain code execution within any application installed on the device or cause application crash.

Language: C++

Severity Score

6.8

Related Resources (3)

Url: https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-12.md

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-44455

Url: https://www.mend.io/vulnerability-database/CVE-2022-44455

Severity Score

6.8

Weakness Type (CWE)

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-120

Top Fix

Upgrade Version

Upgrade to version OpenHarmony-v3.0.7-LTS,OpenHarmony-v3.1.3-Release

Learn More

CVSS v3.1

Base Score:	6.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2022-44455

Good to know:

Date: December 7, 2022

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?