CVE-2020-1802
Last modified
CVE-2020-1802 is a medium-severity vulnerability rated 4.6/10 on the CVSS scale. There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).. EPSS estimates a 0.14% chance of exploitation in the next 30 days.
Description
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Osca-550 Firmware | 1.0.1.23\(sp2\) |
| Huawei | Osca-550a Firmware | 1.0.1.23\(sp2\) |
| Huawei | Osca-550ax Firmware | 1.0.1.23\(sp2\) |
| Huawei | Osca-550x Firmware | 1.0.1.23\(sp2\) |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-1802?
How severe is CVE-2020-1802?
How do I fix CVE-2020-1802?
Are you affected by CVE-2020-1802?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST