Vulnerabilities > CVE-2020-1843 - Unspecified vulnerability in Huawei products

CVSS 6.8 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

huawei

NVD

Published: 2020-02-18

Updated: 2021-07-21

Summary

Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Hege 560 Firmware 1.0.1.20\(Sp2\) Huawei Osca 550 Firmware 1.0.0.71\(Sp1\) Huawei Osca 550A Firmware 1.0.0.71\(Sp1\) Huawei Osca 550Ax Firmware 1.0.0.71\(Sp2\) Huawei Osca 550X Firmware 1.0.0.71\(Sp2\)	5
Hardware	Huawei Huawei Hege 560 - Huawei Osca 550 - Huawei Osca 550A - Huawei Osca 550Ax - Huawei Osca 550X -	5

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en