First published: Fri Apr 10 2020(Updated: )
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Osca-550 Firmware | =1.0.1.23\(sp2\) | |
Huawei OSCA-550 | ||
Huawei Osca-550a Firmware | =1.0.1.23\(sp2\) | |
Huawei Osca-550a | ||
Huawei Osca-550ax Firmware | =1.0.1.23\(sp2\) | |
Huawei Osca-550ax | ||
Huawei Osca-550x Firmware | =1.0.1.23\(sp2\) | |
Huawei Osca-550x |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-1802.
The severity of CVE-2020-1802 is medium with a severity value of 4.6.
The affected product is Huawei Osca-550 Firmware version 1.0.1.23 (sp2).
CVE-2020-1802 allows an attacker to load a crafted file to the device through USB by exploiting the insufficient integrity validation vulnerability in the device.
No, Huawei OSCA-550a is not affected by CVE-2020-1802.