Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-1802

Опубликовано: 10 апр. 2020
Источник: nvd
CVSS3: 4.6
CVSS2: 2.1
EPSS Низкий

Описание

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:osca-550_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:osca-550:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:huawei:osca-550a_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:osca-550a:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:huawei:osca-550ax_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:osca-550ax:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:huawei:osca-550x_firmware:1.0.1.23\(sp2\):*:*:*:*:*:*:*
cpe:2.3:h:huawei:osca-550x:-:*:*:*:*:*:*:*

EPSS

Процентиль: 7%
0.00028
Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-354

Связанные уязвимости

github логотип

GHSA-7c3v-rc7q-5qqq

github
больше 3 лет назад

There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of certain file in certain loading processes, successful exploit could allow the attacker to load a crafted file to the device through USB.Affected product versions include:OSCA-550 versions 1.0.1.23(SP2);OSCA-550A versions 1.0.1.23(SP2);OSCA-550AX versions 1.0.1.23(SP2);OSCA-550X versions 1.0.1.23(SP2).

EPSS

Процентиль: 7%
0.00028
Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-354