CVE-2024-21860

Published Feb 2, 2024

Last updated 11 days ago

Overview

Description
in OpenHarmony v4.0.0 and prior versions allow an adjacent attacker arbitrary code execution in any apps through use after free.
Source
scy@openharmony.io
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

scy@openharmony.io
CWE-416
nvd@nist.gov
CWE-416

Social media

Hype score
Not currently trending

Configurations