Insufficient Verification Vulnerability in Huawei HEGE-560 and OSCA Series
CVE-2020-1843

6.8MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
18 February 2020

Summary

The Huawei HEGE-560 and OSCA series, specifically the versions mentioned, have a vulnerability that arises from insufficient verification. An adversary with physical access can exploit this flaw to perform unauthorized operations, which could lead to potential misuse of the affected devices. This vulnerability emphasizes the need for enhanced security measures to prevent physical access exploitation.

Affected Version(s)

HEGE-560 1.0.1.20(SP2)

OSCA-550 1.0.0.71(SP1)

OSCA-550A 1.0.0.71(SP1)

References

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.