CVE-2023-39396

HIGH

Huawei Emui - Insecure Deserialization

Title source: rule

Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.

Core 2

Core References

Vendor Advisory

Vendor Advisory

CVSS v3 7.5

EPSS 0.0010

EPSS Percentile 26.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

CWE

CWE-502 CWE-125

Status published

Products (3)

huawei/emui 13.0.0

huawei/harmonyos 3.0.0

huawei/harmonyos 3.1.0

Published Aug 13, 2023

Tracked Since Feb 18, 2026