Insufficient Input Validation in Huawei Taurus-AN00B Products
CVE-2020-9105

6.7MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
9 October 2020

Summary

Huawei Taurus-AN00B devices prior to version 10.1.0.156(C00E155R7P2) are susceptible to an insufficient input validation flaw. This vulnerability allows an attacker to manipulate the device's memory through a series of operations due to the faulty input validation logic. Exploitation of this flaw can lead to service interruptions and compromise the integrity of the device.

Affected Version(s)

Taurus-AN00B Versions earlier than 10.1.0.156(C00E155R7P2)

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.