SB2020012410 - Insufficient verification of data authenticity in Some Huawei Products
Published: January 24, 2020
Security Bulletin ID
SB2020012410
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Physical access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Insufficient verification of data authenticity (CVE-ID: CVE-2020-1855)
The vulnerability allows a local attacker to cause the target device abnormal.
The vulnerability exists due to an insufficient verification issue. An attacker with physical access can tamper with device information and cause service abnormal.
Remediation
Install update from vendor's website.