CVE-2020-1855
Last modified
CVE-2020-1855 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. EPSS estimates a 0.21% chance of exploitation in the next 30 days.
Description
Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Hege-560 Firmware | 1.0.1.21\(sp3\) |
| Huawei | Osca-550 Firmware | 1.0.1.21\(sp3\) |
| Huawei | Osca-550a Firmware | 1.0.1.21\(sp3\) |
| Huawei | Osca-550ax Firmware | 1.0.1.21\(sp3\) |
| Huawei | Osca-550x Firmware | 1.0.1.21\(sp3\) |
| Huawei | Hege-570 Firmware | 1.0.1.22\(sp3\) |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-1855?
How severe is CVE-2020-1855?
How do I fix CVE-2020-1855?
Are you affected by CVE-2020-1855?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST