Login Sign Up

CVE-2023-39385

9.1 CRITICAL
Authentication Bypass

📋 TL;DR

This vulnerability involves configuration defects in the media module of certain Huawei products, allowing unauthorized access to affected systems. It affects Huawei devices running HarmonyOS with specific media module configurations. Successful exploitation could compromise device security and data.

💻 Affected Systems

Products:
  • Huawei smartphones and tablets with affected media modules
Versions: HarmonyOS versions prior to security updates released in August 2023
Operating Systems: HarmonyOS
Default Config Vulnerable: ⚠️ Yes
Notes: Specific product models not detailed in available references; requires checking Huawei security bulletins for exact affected devices.

📦 What is this software?

Emui by Huawei

View all CVEs affecting Emui →

Emui by Huawei

View all CVEs affecting Emui →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to access sensitive media data, execute arbitrary code, or gain persistent access to the device.

🟠

Likely Case

Unauthorized access to media files and potentially other system resources through the vulnerable media module.

🟢

If Mitigated

Limited impact with proper access controls and network segmentation preventing exploitation attempts.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Configuration defects typically require minimal technical skill to exploit if vulnerable configuration is present.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: HarmonyOS security updates released in August 2023

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2023/8/

Restart Required: Yes

Instructions:

1. Check for available system updates in device settings. 2. Install the latest HarmonyOS security update. 3. Restart the device after installation completes.

🔧 Temporary Workarounds

Disable media module if unused

all

Temporarily disable the affected media module functionality if not required for device operation.

Restrict network access

all

Limit device network connectivity to trusted networks only to reduce attack surface.

🧯 If You Can't Patch

  • Isolate affected devices on separate network segments
  • Implement strict access controls and monitor for unusual media module activity

🔍 How to Verify

Check if Vulnerable:

Check HarmonyOS version in device settings and compare against August 2023 security updates.

Check Version:

Settings > System & updates > Software update (on HarmonyOS devices)

Verify Fix Applied:

Verify HarmonyOS version shows security patch level of August 2023 or later.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to media services
  • Abnormal media module process activity

Network Indicators:

  • Unexpected network traffic to/from media service ports

SIEM Query:

source="huawei-device" AND (event_type="media_access" OR process="media_module") AND result="denied"

📊 Metadata

CVE ID: CVE-2023-39385
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE: CWE-16
Published: August 13, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-39385, you might also want to check these:

CVE-2018-11922 9.8

The Touch Pal application on Qualcomm devices was configured to collect user behavior data without u...

Same vulnerability type (CWE-16)
CVE-2021-20032 9.8

SonicWall Analytics 2.5 On-Prem has a Java Debug Wire Protocol (JDWP) interface misconfiguration tha...

Same vulnerability type (CWE-16)
CVE-2024-46909 9.8

CVE-2024-46909 is a critical remote code execution vulnerability in WhatsUp Gold network monitoring ...

Same vulnerability type (CWE-16)