Insufficient Input Validation in Huawei Taurus-AN00B Products
CVE-2020-9105
6.7MEDIUM
Summary
Huawei Taurus-AN00B devices prior to version 10.1.0.156(C00E155R7P2) are susceptible to an insufficient input validation flaw. This vulnerability allows an attacker to manipulate the device's memory through a series of operations due to the faulty input validation logic. Exploitation of this flaw can lead to service interruptions and compromise the integrity of the device.
Affected Version(s)
Taurus-AN00B Versions earlier than 10.1.0.156(C00E155R7P2)
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved