CVE-2024-27895

HIGH

HarmonyOS - Improper Access Control in Window Module

Title source: llm

Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.

Core 2

Core References

Not Applicable, Vendor Advisory

Broken Link, Vendor Advisory

CVSS v3 7.5

EPSS 0.0007

EPSS Percentile 21.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-284

Status published

Products (1)

huawei/harmonyos 4.0.0

Published Apr 08, 2024

Tracked Since Feb 18, 2026