Improper Authentication in Huawei AR3200 Networking Devices
CVE-2020-9068

9.8CRITICAL

Key Information:

Vendor: Huawei
Status: Ar3200
Vendor: CVE Published:; 27 April 2020

What is CVE-2020-9068?

Huawei AR3200 series products contain an improper authentication vulnerability that could allow attackers to gain unauthorized access. To exploit this issue, malicious actors must perform a series of specific operations. If successfully executed, this could grant them certain permissions on the affected device, potentially compromising its integrity and security. Users are advised to implement recommended security measures to mitigate this risk.

Affected Version(s)

AR3200 V200R007C00SPC900

AR3200 V200R007C00SPCa00

AR3200 V200R007C00SPCb00

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 27, 2020
Vulnerability Reserved
Feb 18, 2020