Insufficient Integrity Check Vulnerability in Huawei Sound X Product
CVE-2020-9118

6.8MEDIUM

Key Information:

Vendor: Huawei
Status: Ais-bw80h-00
Vendor: CVE Published:; 6 February 2021

Summary

The Huawei Sound X product is affected by an insufficient integrity check vulnerability that allows attackers to load maliciously crafted software packages onto the device. This flaw arises due to inadequate validation of certain software packages, potentially leading to malicious activity on the affected systems. It is crucial for users to update to the latest versions to mitigate this risk.

Affected Version(s)

AIS-BW80H-00 9.0.3.1(H100SP13C00),9.0.3.1(H100SP18C00),9.0.3.1(H100SP3C00),9.0.3.1(H100SP9C00),9.0.3.2(H100SP1C00),9.0.3.2(H100SP2C00),9.0.3.2(H100SP5C00),9.0.3.2(H100SP8C00),9.0.3.3(H100SP1C00)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 6, 2021
Vulnerability Reserved
Feb 18, 2020