CVE-2020-1879

LOW

Huawei <versions> - Info Disclosure

Title source: llm

Description

There is an improper integrity checking vulnerability on some huawei products. The software of the affected product has an improper integrity check which may allow an attacker with high privilege to make malicious modifications.Affected product versions include:HEGE-560 versions 1.0.1.21(SP3);HEGE-570 versions 1.0.1.22(SP3);OSCA-550 versions 1.0.1.21(SP3);OSCA-550A versions 1.0.1.21(SP3);OSCA-550AX versions 1.0.1.21(SP3);OSCA-550X versions 1.0.1.21(SP3).

References (2)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200311-01-integrity-en

[Not Applicable] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en

Scores

CVSS v3 3.9

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Details

CWE

CWE-354

Status published

Products (6)

huawei/hege-560_firmware 1.0.1.21\(sp3\)

huawei/hege-570_firmware 1.0.1.21\(sp3\)

huawei/osca-550_firmware 1.0.1.21\(sp3\)

huawei/osca-550a_firmware 1.0.1.21\(sp3\)

huawei/osca-550ax_firmware 1.0.1.21\(sp3\)

huawei/osca-550x_firmware 1.0.1.21\(sp3\)

Published Mar 20, 2020

Tracked Since Feb 18, 2026