Vulnerabilities > CVE-2020-0702 - Incorrect Authorization vulnerability in Microsoft Surface HUB Firmware

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

CWE-863

NVD

Published: 2020-02-11

Updated: 2021-07-21

Summary

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Surface HUB Firmware -	1
Hardware	Microsoft Microsoft Surface HUB -	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702