CVE-2020-1855

CWE-20Improper Input Validation3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 81.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Huawei Hege-570Huawei Hege-560 FirmwareHuawei Hege-570 Firmware+4 more
Timeline
PublishedFeb 18
Latest updateMay 24

Description

Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 0.9 | Impact: 5.2

Affected Packages7 packages

NVDhuawei/osca-550ax_firmware1.0.1.21\(sp3\)
NVDhuawei/osca-550a_firmware1.0.1.21\(sp3\)
NVDhuawei/osca-550x_firmware1.0.1.21\(sp3\)
NVDhuawei/osca-550_firmware1.0.1.21\(sp3\)
CVEListV5huawei/hege-5701.0.1.22(SP3)

🔴Vulnerability Details

2
GHSA
GHSA-r4p9-4g64-q7xc: Huawei HEGE-570 version 12022-05-24
CVEList
CVE-2020-1855: Huawei HEGE-570 version 12020-02-18
CVE-2020-1855 (MEDIUM CVSS 6.1) | Huawei HEGE-570 version 1.0.1.22(SP | cvebase.io