Improper Authentication in Huawei AR3200 Networking Devices
CVE-2020-9068

9.8CRITICAL

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
27 April 2020

Summary

Huawei AR3200 series products contain an improper authentication vulnerability that could allow attackers to gain unauthorized access. To exploit this issue, malicious actors must perform a series of specific operations. If successfully executed, this could grant them certain permissions on the affected device, potentially compromising its integrity and security. Users are advised to implement recommended security measures to mitigate this risk.

Affected Version(s)

AR3200 V200R007C00SPC900

AR3200 V200R007C00SPCa00

AR3200 V200R007C00SPCb00

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.