Main Vulnerability Database SB2020040902

SB2020040902 - Improper validation of integrity check value in several Huawei products

Published: April 9, 2020

Security Bulletin ID SB2020040902

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper validation of integrity check value (CVE-ID: CVE-2020-1802)

The vulnerability allows a local attacker to gain unauthorized access to the target device.

The vulnerability exists due to the affected device does not sufficiently validate the integrity of certain file in certain loading processes. An attacker with physical access can load a specially crafted file to the device through USB and gain access to the device.

Remediation

Install update from vendor's website.

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-osca-en

SB2020040902 - Improper validation of integrity check value in several Huawei products

Breakdown by Severity

Description

Remediation

References

Please verify you're human