CVE-2024-21863

MEDIUM

OpenHarmony < 3.2.4 - Denial of Service via Improper Input Validation

Title source: llm

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.

Core 1

Core References

Third Party Advisory

CVSS v3 4.7

EPSS 0.0002

EPSS Percentile 7.0%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-20

Status published

Products (2)

openatom/openharmony 4.0

openatom/openharmony 3.2.0 - 3.2.4

Published Feb 02, 2024

Tracked Since Feb 18, 2026