Information Leakage Vulnerability in Huawei Products
CVE-2020-9069

6.5MEDIUM

Key Information:

Vendor: Huawei
Status: Anne-al00; Berkeley-l09; Cd16-10; Cd17-10
Vendor: CVE Published:; 21 May 2020

Summary

A vulnerability exists in specific Huawei products allowing unauthenticated, adjacent attackers to exploit it for unauthorized data decryption. Successful exploitation could lead to random information leakage from affected devices, thereby compromising the confidentiality and integrity of user data. The vulnerability impacts a broad spectrum of Huawei devices, emphasizing the need for immediate updates to the latest firmware versions to safeguard against potential breaches.

Affected Version(s)

Anne-AL00 earlier than 9.1.0.331(C675E9R1P3T8)

Berkeley-L09 earlier than 10.0.1.1(C675R1)

CD16-10 earlier than 10.0.2.8

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 21, 2020
Vulnerability Reserved
Feb 18, 2020