CVE-2024-3758

6.5 MEDIUM

📋 TL;DR

This vulnerability allows a local attacker to execute arbitrary code with Trusted Computing Base (TCB) privileges through a heap buffer overflow in OpenHarmony. It affects OpenHarmony v4.0.0 and earlier versions. Attackers need local access to exploit this vulnerability.

💻 Affected Systems

Products:
  • OpenHarmony
Versions: v4.0.0 and prior versions
Operating Systems: OpenHarmony-based systems
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems running vulnerable OpenHarmony versions. TCB components are typically high-privilege system components.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with TCB privileges, allowing attackers to bypass security boundaries, install persistent malware, or manipulate system integrity.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated privileges and potentially access sensitive data or system resources.

🟢 If Mitigated

Limited impact if proper access controls and privilege separation are implemented, though the buffer overflow could still cause crashes.

🌐 Internet-Facing: LOW - Requires local access to exploit; not directly exploitable over the network.
🏢 Internal Only: HIGH - Local attackers can exploit this to gain TCB privileges, posing significant risk to system integrity.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of heap manipulation techniques. CWE-122 indicates a heap-based buffer overflow.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after v4.0.0

Vendor Advisory: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md

Restart Required: Yes

Instructions:

1. Check current OpenHarmony version.
2. Update to latest version beyond v4.0.0.
3. Apply security patches from OpenHarmony security advisories.
4. Reboot system to ensure patches are fully applied.

🔧 Temporary Workarounds

Restrict local access

all

Limit physical and remote local access to vulnerable systems to reduce attack surface

Implement privilege separation

all

Ensure proper privilege separation and least privilege principles are applied to TCB components

🧯 If You Can't Patch

  • Isolate vulnerable systems from critical networks and sensitive data
  • Implement strict access controls and monitoring for local user activities

🔍 How to Verify

Check if Vulnerable:

Check OpenHarmony version: cat /etc/os-release or equivalent system version command

Check Version:

cat /etc/os-release | grep VERSION or system version query command

Verify Fix Applied:

Verify version is updated beyond v4.0.0 and check for applied security patches in update logs

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • TCB component crashes or abnormal behavior
  • Buffer overflow related error messages

Network Indicators:

  • Not applicable - local exploitation only

SIEM Query:

Search for: 'OpenHarmony TCB crash' OR 'privilege escalation' OR 'buffer overflow' in system logs
