SB2020012409 - Multiple vulnerabilities in Some Huawei products

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020012409

SB2020012409 - Multiple vulnerabilities in Some Huawei products

Published: January 24, 2020

Security Bulletin ID SB2020012409
Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Physical access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2020-1842)

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to insufficient authentication. An attacker with physical access to the device can perform specific operations to gain elevated privileges.


2) Insufficient verification of data authenticity (CVE-ID: CVE-2020-1843)

The vulnerability allows a local attacker to perform an illegal operation on the target device.

The vulnerability exists due to an insufficient verification issue. An attacker with physical access can perform specific operations, leading to an illegal operation.


Remediation

Install update from vendor's website.

References