Denial of Service Vulnerability in FusionAccess by Huawei
CVE-2020-1825

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Fusionaccess
Vendor: CVE Published:; 15 June 2020

Summary

FusionAccess, an enterprise cloud desktop solution by Huawei, has a vulnerability that allows attackers to cause a Denial of Service (DoS). This issue arises from inadequate validation of specific input data. By sending specially crafted messages to the affected device through another device on the same network, an attacker can exploit this vulnerability, potentially leading to abnormal behavior in affected devices. Organizations using versions of FusionAccess prior to 6.5.1.SPC002 should prioritize patching to mitigate this risk.

Affected Version(s)

FusionAccess Versions earlier than 6.5.1.SPC002

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 15, 2020
Vulnerability Reserved
Nov 29, 2019