CVE-2023-3116 – This vulnerability in OpenHarmony allows a loca... (How to Fix)

Q: What is the severity of CVE-2023-3116?

CVE-2023-3116 has a CVSS score of 7.3 (HIGH). This vulnerability in OpenHarmony allows a local attacker to access confidential information or modify sensitive files due to incorrect default permissions. It affects OpenHarmony v3.2.2 and prior versions, potentially compromising system integrity and confidentiality for users of these versions.

📋 TL;DR

This vulnerability in OpenHarmony allows a local attacker to access confidential information or modify sensitive files due to incorrect default permissions. It affects OpenHarmony v3.2.2 and prior versions, potentially compromising system integrity and confidentiality for users of these versions.

💻 Affected Systems

Products:

OpenHarmony

Versions: v3.2.2 and prior versions

Operating Systems: OpenHarmony-based systems

Default Config Vulnerable: ⚠️ Yes

Notes: This vulnerability stems from incorrect default permissions set in the affected versions, making systems vulnerable out-of-the-box.

📦 What is this software?

Openharmony by Openatom

View all CVEs affecting Openharmony →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker gains unauthorized access to sensitive data or modifies critical system files, leading to data theft, system compromise, or denial of service.

🟠

Likely Case

Local users exploit weak permissions to read or alter files they shouldn't have access to, resulting in information disclosure or minor system disruptions.

🟢

If Mitigated

With proper access controls and patching, the risk is minimized to low, preventing unauthorized file access and maintaining system security.

🌐 Internet-Facing: LOW, as this is a local vulnerability requiring physical or local access to the device, not exploitable remotely over the internet.

🏢 Internal Only: HIGH, because it can be exploited by any local user or malicious insider with access to the affected OpenHarmony system.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires local access but is straightforward due to the permissions issue; no public proof-of-concept has been disclosed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: OpenHarmony v3.2.3 or later

Vendor Advisory: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-12.md

Restart Required: Yes

Instructions:

1. Check current OpenHarmony version. 2. Update to v3.2.3 or later via official channels. 3. Restart the system to apply changes.

🔧 Temporary Workarounds

Manual Permission Adjustment

linux

Review and tighten file permissions on sensitive directories and files to restrict access to authorized users only.

chmod 600 /path/to/sensitive/file
chown root:root /path/to/sensitive/file

🧯 If You Can't Patch

Implement strict access controls and least privilege principles for local users.
Monitor file access logs for unauthorized activities and isolate affected systems from critical networks.

🔍 How to Verify

Check if Vulnerable:

Check the OpenHarmony version; if it is v3.2.2 or earlier, the system is vulnerable.

Check Version:

uname -a or check system settings for OpenHarmony version

Verify Fix Applied:

After updating, confirm the version is v3.2.3 or later and test file permissions on sensitive paths.

📡 Detection & Monitoring

Log Indicators:

Unusual file access or modification events in system logs, especially by non-privileged users.

Network Indicators:

Not applicable as this is a local vulnerability.

SIEM Query:

Search for events where file permissions are changed or sensitive files are accessed by unexpected users.

📊 Metadata

CVE ID: CVE-2023-3116

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE: CWE-276

Published: November 20, 2023

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-3116, you might also want to check these: