CVE-2020-1855

MEDIUM

Huawei HEGE-570 <1.0.1.22 - Info Disclosure

Title source: llm
STIX 2.1

Description

Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.

References (1)

Core 1
Core References

Scores

CVSS v3 6.1
EPSS 0.0006
EPSS Percentile 18.9%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

Status published
Products (6)
huawei/hege-560_firmware 1.0.1.21\(sp3\)
huawei/hege-570_firmware 1.0.1.22\(sp3\)
huawei/osca-550_firmware 1.0.1.21\(sp3\)
huawei/osca-550a_firmware 1.0.1.21\(sp3\)
huawei/osca-550ax_firmware 1.0.1.21\(sp3\)
huawei/osca-550x_firmware 1.0.1.21\(sp3\)
Published Feb 18, 2020
Tracked Since Feb 18, 2026