← Volver a CVEs
CVE-2020-9105
MEDIUM6.7
Descripcion
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal.
Detalles CVE
Puntuacion CVSS v3.16.7
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosHIGH
Interaccion usuarioNONE
Publicado10/9/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
huawei:taurus-an00bhuawei:taurus-an00b_firmware
Debilidades (CWE)
CWE-20
Referencias
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(psirt@huawei.com)
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.