CVE-2020-1845Improper Privilege Management in Huawei Pcmanager

CWE-269Improper Privilege Management3 documents3 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 93.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Pcmanager
Timeline
PublishedApr 27
Latest updateMay 24

Description

Huawei PCManager product with versions earlier than 10.0.5.53 have a local privilege escalation vulnerability. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDhuawei/pcmanager< 10.0.5.53
CVEListV5huawei/pcmanagerVersions earlier than 10.0.5.53

🔴Vulnerability Details

2
GHSA
GHSA-rhjw-325p-xv9q: Huawei PCManager product with versions earlier than 102022-05-24
CVEList
CVE-2020-1845: Huawei PCManager product with versions earlier than 102020-04-27
CVE-2020-1845 — Improper Privilege Management in Huawei | cvebase