CVE-2023-52376

7.5 HIGH

📋 TL;DR

This CVE describes an information management vulnerability in Huawei's Gallery module that could allow unauthorized access to sensitive information. Successful exploitation affects service confidentiality, potentially exposing user data. Affected systems include Huawei devices running HarmonyOS with vulnerable Gallery versions.

💻 Affected Systems

Products:
  • Huawei devices with Gallery module
Versions: Specific HarmonyOS versions as detailed in Huawei security bulletins (check vendor advisory for exact versions)
Operating Systems: HarmonyOS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Huawei smartphones and tablets with vulnerable Gallery app versions. Exact device models and versions specified in Huawei security bulletins.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of user gallery data, including private photos, videos, and metadata, potentially leading to privacy violations and data theft.

🟠 Likely Case: Unauthorized access to some gallery content or metadata, exposing personal photos and information to attackers.

🟢 If Mitigated: Limited or no data exposure due to proper access controls and network segmentation.

🌐 Internet-Facing: MEDIUM - Requires the device to be reachable from the internet and the vulnerable service to be exposed.
🏢 Internal Only: MEDIUM - Internal attackers or already-compromised devices could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation likely requires some level of access or interaction with the Gallery module. No public exploit code identified at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Huawei security bulletins for specific patched versions

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2024/2/

Restart Required: Yes

Instructions:

1. Check the device's HarmonyOS version.
2. Navigate to Settings > System & updates > Software update.
3. Download and install the available security updates.
4. Restart the device after the update completes.

🔧 Temporary Workarounds

Disable Gallery app permissions (all)
  • Restrict Gallery app permissions to limit potential data exposure
  • Settings > Apps > Gallery > Permissions > Disable unnecessary permissions

Network segmentation (all)
  • Isolate affected devices from untrusted networks

🧯 If You Can't Patch

  • Disable or restrict Gallery app functionality
  • Implement strict network access controls and monitor for suspicious Gallery activity

🔍 How to Verify

Check if Vulnerable:

Check the HarmonyOS version under Settings > About phone > HarmonyOS version and compare it with the vulnerable versions listed in the Huawei security bulletins.

Check Version:

Settings > About phone > HarmonyOS version

Verify Fix Applied:

Verify that the HarmonyOS version has been updated to the patched version specified in the Huawei security bulletins.

📡 Detection & Monitoring

Log Indicators:

  • Unusual Gallery app access patterns
  • Multiple failed access attempts to Gallery data
  • Unexpected Gallery process activity

Network Indicators:

  • Suspicious network traffic from Gallery app
  • Unexpected data exfiltration from device

SIEM Query:

device.app="Gallery" AND (event.action="unauthorized_access" OR event.action="data_access")
