#VU56418 Improper Authorization in AIS-BW50-00 - CVE-2021-37101
Published: September 9, 2021
Vulnerability identifier: #VU56418
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-37101
CWE-ID: CWE-285
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
AIS-BW50-00
AIS-BW50-00
Software vendor:
Huawei
Huawei
Description
The vulnerability allows a local attacker to bypass authorization checks.
The vulnerability exists due to improper authorization mangement. An attacker with physical access can bypass authorization checks and execute arbitrary code om the target system.
Remediation
Install updates from vendor's website.