Improper Integrity Checking Vulnerability in Huawei HEGE and OSCA Products
CVE-2020-1879
3.9LOW
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 20 March 2020
Summary
An improper integrity checking vulnerability has been identified in select Huawei products. This flaw allows an attacker with elevated privileges to execute malicious modifications to the software, potentially compromising the integrity of the affected systems. Notably, the impacted versions include specific releases of the HEGE and OSCA product lines, where the security oversight in integrity verification creates avenues for exploitation.
Affected Version(s)
HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X 1.0.1.21(SP3)
HEGE-560;HEGE-570;OSCA-550;OSCA-550A;OSCA-550AX;OSCA-550X 1.0.1.22(SP3)
References
CVSS V3.1
Score:
3.9
Severity:
LOW
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved