Insufficient Verification Vulnerability in Huawei HEGE-560 and OSCA Series
CVE-2020-1843
6.8MEDIUM
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 18 February 2020
Summary
The Huawei HEGE-560 and OSCA series, specifically the versions mentioned, have a vulnerability that arises from insufficient verification. An adversary with physical access can exploit this flaw to perform unauthorized operations, which could lead to potential misuse of the affected devices. This vulnerability emphasizes the need for enhanced security measures to prevent physical access exploitation.
Affected Version(s)
HEGE-560 1.0.1.20(SP2)
OSCA-550 1.0.0.71(SP1)
OSCA-550A 1.0.0.71(SP1)
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved