Main Vulnerability Database Vulnerabilities #VU26048

#VU26048 Improper validation of integrity check value in Huawei products - CVE-2020-1879

Published: March 12, 2020

Vulnerability identifier: #VU26048

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-1879

CWE-ID: CWE-354

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Huawei HEGE-560
Huawei HEGE-570
OSCA-550
OSCA-550A
OSCA-550AX
OSCA-550X

Software vendor:
Huawei

Description

The vulnerability allows a local user to make malicious modifications.

The vulnerability exists due to improper integrity checks. An authenticated attacker with physical access can make malicious modifications on the target system.

Remediation

Install updates from vendor's website.

External links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en

#VU26048 Improper validation of integrity check value in Huawei products - CVE-2020-1879

Description

Remediation

External links

Please verify you're human