Vulnerabilities > CVE-2022-36423 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.4 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

openharmony

openatom

CWE-787

NVD

Published: 2022-09-09

Updated: 2024-09-09

Summary

OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.

Vulnerable Configurations

Part	Description	Count
Application	Openharmony Openharmony Openharmony *	1
OS	Openatom Openatom Openharmony 3.1 Openatom Openharmony 3.1.1 Openatom Openharmony 3.1.2	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-09.md