← Back to CVEs
CVE-2020-9105
MEDIUM6.7
Description
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal.
CVE Details
CVSS v3.1 Score6.7
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published10/9/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
huawei:taurus-an00bhuawei:taurus-an00b_firmware
Weaknesses (CWE)
CWE-20
References
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(psirt@huawei.com)
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200923-01-outofbound-en(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.