Main Vulnerability Database Vulnerabilities #VU24514

Insufficient verification of data authenticity in Huawei products - CVE-2020-1843

Published: January 24, 2020

Vulnerability identifier: #VU24514

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-1843

CWE-ID: CWE-345

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Huawei

Affected software:
Huawei HEGE-560
OSCA-550
OSCA-550A
OSCA-550AX
OSCA-550X

Detailed vulnerability description

The vulnerability allows a local attacker to perform an illegal operation on the target device.

The vulnerability exists due to an insufficient verification issue. An attacker with physical access can perform specific operations, leading to an illegal operation.

How to mitigate CVE-2020-1843

Install updates from vendor's website.

Sources

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-02-osca-en

Insufficient verification of data authenticity in Huawei products - CVE-2020-1843

Detailed vulnerability description

How to mitigate CVE-2020-1843

Sources

Please verify you're human