DLL Hijacking Flaw in HiSuite by Huawei
CVE-2020-9100

7.8HIGH

Key Information:

Vendor
Huawei
Status
Vendor
CVE Published:
6 July 2020

Summary

A vulnerability in HiSuite, a software application by Huawei, allows an attacker to exploit the improper loading of DLL files. Versions prior to 10.1.0.500 are susceptible to this flaw, leading to the potential execution of arbitrary code by an external actor. This risk emphasizes the importance of application updates and security best practices to mitigate such threats.

Affected Version(s)

HiSuite Earlier than HiSuite 10.1.0.500

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.