CVE-2020-1802
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/04/2020
Last modified:
13/04/2020
Description
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).
Impact
Base Score 3.x
4.60
Severity 3.x
MEDIUM
Base Score 2.0
2.10
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:huawei:osca-550_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:osca-550:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:osca-550a_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:osca-550a:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:osca-550ax_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:osca-550ax:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:osca-550x_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:osca-550x:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page