Описание
Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe.
Ссылки
- Issue TrackingVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одновременно
Одновременно
Одновременно
EPSS
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe.
EPSS
7.8 High
CVSS3
9.3 Critical
CVSS2