CVE-2022-44455

Name of the Vulnerable Software and Affected Versions OpenHarmony versions prior to 3.1.2

Description The issue is related to a buffer overflow vulnerability due to insufficient input validation in the appspawn and nwebspawn services. This could allow an unprivileged malicious application to gain code execution within any application installed on the device or cause an application crash.

Recommendations For OpenHarmony versions prior to 3.1.2, update to a version newer than 3.1.2 to resolve the issue. As a temporary workaround, consider restricting the use of the appspawn and nwebspawn services to minimize the risk of exploitation.