Improper Integrity Checking Vulnerability in Huawei HEGE and OSCA Products
CVE-2020-1879

3.9LOW

Key Information:

Vendor
Huawei
Vendor
CVE Published:
20 March 2020

Summary

An improper integrity checking vulnerability has been identified in select Huawei products. This flaw allows an attacker with elevated privileges to execute malicious modifications to the software, potentially compromising the integrity of the affected systems. Notably, the impacted versions include specific releases of the HEGE and OSCA product lines, where the security oversight in integrity verification creates avenues for exploitation.

Affected Version(s)

HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X 1.0.1.21(SP3)

HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X 1.0.1.22(SP3)

References

CVSS V3.1

Score:
3.9
Severity:
LOW
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.