Vulnerabilities > CVE-2022-43495 - NULL Pointer Dereference vulnerability in Openharmony 3.1/3.1.1/3.1.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
openharmony
CWE-476

Summary

OpenHarmony-v3.1.2 and prior versions had a DOS vulnerability in distributedhardware_device_manager when joining a network. Network attakcers can send an abonormal packet when joining a network, cause a nullptr reference and device reboot.

Vulnerable Configurations

Part Description Count
Application
Openharmony
5

Common Weakness Enumeration (CWE)