First published: Tue Feb 18 2020(Updated: )
Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker obtain high privilege.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Hege-560 Firmware | =1.0.1.20\(sp2\) | |
Huawei HEGE-560 | ||
Huawei Osca-550 Firmware | =1.0.0.71\(sp1\) | |
Huawei OSCA-550 | ||
Huawei Osca-550a Firmware | =1.0.0.71\(sp1\) | |
Huawei Osca-550a | ||
Huawei Osca-550ax Firmware | =1.0.0.71\(sp2\) | |
Huawei Osca-550ax | ||
Huawei Osca-550x Firmware | =1.0.0.71\(sp2\) | |
Huawei Osca-550x |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-1842.
The severity of CVE-2020-1842 is medium.
Huawei HEGE-560 devices are affected by this vulnerability.
There is currently no fixed version available for CVE-2020-1842. Please refer to the vendor's advisory for more information.
You can find more information about CVE-2020-1842 in Huawei's security advisory.