CVE-2020-1862

LOW

Huawei - Memory Corruption

Title source: llm

Description

There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050.

References (1)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-free-en

Scores

CVSS v3 3.3

EPSS 0.0006

EPSS Percentile 18.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-415

Status published

Affected Products (2)

huawei/campusinsight

huawei/manageone

Timeline

Published Mar 20, 2020

Tracked Since Feb 18, 2026