CVE-2022-43451

Name of the Vulnerable Software and Affected Versions OpenHarmony versions prior to 3.1.2

Description The issue is related to a multiple path traversal vulnerability in the appspawn and nwebspawn services. This vulnerability allows local attackers to create arbitrary directories or escape the application sandbox. If combined with other vulnerabilities, it could enable an unprivileged process to gain full root privileges.

Recommendations For OpenHarmony versions prior to 3.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.