CVE-2019-5272

MEDIUM

USG9500 <V500R001C30;V500R001C60 - Privilege Escalation

Title source: llm

Description

USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection.

References (1)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-digital-en

Scores

CVSS v3 4.9

EPSS 0.0006

EPSS Percentile 19.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-354

Status published

Products (2)

huawei/usg9500_firmware v500r001c30

huawei/usg9500_firmware v500r001c60

Published Dec 26, 2019

Tracked Since Feb 18, 2026