Vulnerabilities > CVE-2020-9072 - Unspecified vulnerability in Huawei OSD Firmware

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

huawei

NVD

Published: 2020-04-27

Updated: 2021-07-21

Summary

Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei OSD Firmware *	1
Hardware	Huawei Huawei OSD -	1

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-osd-en