First published: Tue Feb 18 2020(Updated: )
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Hege-560 Firmware | =1.0.1.21\(sp3\) | |
Huawei HEGE-560 | ||
Huawei Osca-550 Firmware | =1.0.1.21\(sp3\) | |
Huawei OSCA-550 | ||
Huawei Osca-550a Firmware | =1.0.1.21\(sp3\) | |
Huawei Osca-550a | ||
Huawei Osca-550ax Firmware | =1.0.1.21\(sp3\) | |
Huawei Osca-550ax | ||
Huawei Osca-550x Firmware | =1.0.1.21\(sp3\) | |
Huawei Osca-550x | ||
Huawei Hege-570 Firmware | =1.0.1.22\(sp3\) | |
Huawei HEGE-570 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Huawei vulnerability is CVE-2020-1855.
The severity level of CVE-2020-1855 is medium.
Huawei HEGE-570 version 1.0.1.22(SP3), HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) are affected by CVE-2020-1855.
The impact of CVE-2020-1855 is that an attacker can access the device physically and tamper with device information.
You can find more information about CVE-2020-1855 on the Huawei security advisories website.