Login Sign Up

CVE-2023-52097

7.5 HIGH
Authentication Bypass

📋 TL;DR

This vulnerability allows attackers to bypass foreground service restrictions in Huawei's NMS module, potentially exposing sensitive service information. It affects Huawei devices running HarmonyOS with the vulnerable NMS module. Successful exploitation could compromise service confidentiality.

💻 Affected Systems

Products:
  • Huawei devices with NMS module
Versions: Specific versions not detailed in references; check Huawei security bulletins
Operating Systems: HarmonyOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Huawei devices running vulnerable versions of HarmonyOS with the NMS module enabled.

📦 What is this software?

Emui by Huawei

View all CVEs affecting Emui →

Emui by Huawei

View all CVEs affecting Emui →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

Harmonyos by Huawei

View all CVEs affecting Harmonyos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain unauthorized access to sensitive service data and potentially escalate privileges within affected systems.

🟠

Likely Case

Unauthorized access to service information leading to information disclosure about system operations.

🟢

If Mitigated

Limited impact with proper access controls and monitoring in place, though confidentiality may still be compromised.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires bypassing foreground service restrictions; complexity depends on attacker's access level.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletins for specific patched versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2024/2/

Restart Required: Yes

Instructions:

1. Check Huawei security bulletins for affected devices. 2. Apply the latest security updates from Huawei. 3. Restart devices after patching.

🔧 Temporary Workarounds

Disable unnecessary services

all

Reduce attack surface by disabling non-essential services in NMS module

🧯 If You Can't Patch

  • Implement strict access controls and monitoring for NMS module activities
  • Isolate affected systems from critical networks and implement network segmentation

🔍 How to Verify

Check if Vulnerable:

Check device HarmonyOS version and compare with Huawei security bulletins

Check Version:

Check device settings > About phone > HarmonyOS version

Verify Fix Applied:

Verify HarmonyOS version is updated to patched version listed in Huawei advisories

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to NMS services
  • Unusual foreground service activity

Network Indicators:

  • Suspicious connections to NMS module ports

SIEM Query:

Search for events related to NMS module access outside normal patterns

📊 Metadata

CVE ID: CVE-2023-52097
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-200
Published: February 18, 2024
Last Updated: March 13, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52097, you might also want to check these:

CVE-2025-61481 10.0

MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default...

Same vulnerability type (CWE-200)
CVE-2025-53624 10.0

The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid...

Same vulnerability type (CWE-200)
CVE-2023-49103 10.0

This vulnerability in ownCloud's graphapi app exposes PHP configuration details (phpinfo) via a thir...

Same vulnerability type (CWE-200)