Insufficient Integrity Validation in OSCA Devices by Huawei
CVE-2020-1802

4.6MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
10 April 2020

Summary

An insufficient integrity validation issue exists in multiple Huawei OSCA devices. This vulnerability allows attackers to exploit the device by loading malicious files via USB due to inadequate verification during the loading process. Successful exploitation can compromise device integrity and security, emphasizing the need for users to update to secure versions.

Affected Version(s)

OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X 1.0.1.23(SP2)

References

CVSS V3.1

Score:
4.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.