CVE-2023-52538

9.1 CRITICAL

📋 TL;DR

This vulnerability allows attackers to bypass package name verification in the HwIms module, potentially disrupting services. It affects Huawei devices running HarmonyOS with the vulnerable HwIms module. Successful exploitation primarily impacts system availability.

💻 Affected Systems

Products:
  • Huawei smartphones and tablets with HarmonyOS
Versions: HarmonyOS versions prior to security updates released in March 2024
Operating Systems: HarmonyOS
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the HwIms module which handles IMS services. Requires the vulnerable module to be present and active.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption or denial of service on affected Huawei devices, potentially rendering them unusable until patched or reset.

🟠

Likely Case

Temporary service interruptions or instability in IMS (IP Multimedia Subsystem) functionality on mobile devices.

🟢

If Mitigated

Minimal impact with proper network segmentation and security controls limiting attack surface.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation likely requires some level of access or interaction with the device. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: HarmonyOS security updates released in March 2024

Vendor Advisory: https://consumer.huawei.com/en/support/bulletin/2024/3/

Restart Required: Yes

Instructions:

1. Check for system updates in device Settings.
2. Install the latest HarmonyOS security update.
3. Restart the device after installation completes.

🔧 Temporary Workarounds

Disable unnecessary IMS services (applies to: all)

Reduce attack surface by disabling IMS features not required for device operation.

🧯 If You Can't Patch

  • Implement network segmentation to isolate affected devices from critical systems
  • Monitor for unusual IMS service behavior or service disruptions

🔍 How to Verify

Check if Vulnerable:

Check the HarmonyOS version in Settings > About phone > HarmonyOS version. If it predates the March 2024 security updates, the device is likely vulnerable.

Check Version:

Settings > About phone > HarmonyOS version

Verify Fix Applied:

Verify that the HarmonyOS version includes the March 2024 security updates, and confirm that IMS services are no longer being disrupted.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected IMS service crashes
  • Package verification failures in system logs
  • HwIms module errors

Network Indicators:

  • Unusual IMS protocol traffic patterns
  • Service disruption patterns

SIEM Query:

Search system logs for HwIms process crashes or package verification failures attributable to the HwIms module.
