CVE-2025-23414
Published: 04 March 2025
Summary
CVE-2025-23414 is a low-severity Use After Free (CWE-416) vulnerability in Openatom Openharmony. Its CVSS base score is 3.8 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 30.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-23414 is a use-after-free vulnerability (CWE-416) in OpenHarmony versions v5.0.2 and prior. Published on 2025-03-04T04:15:15.377, it enables a local attacker to achieve arbitrary code execution within pre-installed applications. The vulnerability carries a CVSS v3.1 base score of 3.8 (AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N), reflecting low severity with local access requirements, low attack complexity, low privileges needed, no user interaction, changed scope, and limited confidentiality impact.
A local attacker with low privileges can exploit this vulnerability to execute arbitrary code in pre-installed apps. Exploitation is possible only in restricted scenarios, requiring physical or logical local access to the system. While it grants code execution, impacts are confined to low confidentiality disclosure with no integrity or availability effects.
The OpenHarmony security advisory provides further details on this vulnerability at https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-7638
Vulnerability details
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The use-after-free vulnerability in pre-installed applications allows a local attacker with low privileges to achieve arbitrary code execution, directly enabling exploitation for privilege escalation (T1068) as the attacker starts with low privileges and gains code execution in system-level apps.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the use-after-free vulnerability by requiring timely patching of the affected OpenHarmony pre-installed applications.
Implements memory protection mechanisms that prevent exploitation of the use-after-free vulnerability through unauthorized memory access.
Enforces process isolation for pre-installed applications to confine arbitrary code execution and limit impact to the exploited process.