CVE-2020-9100

HIGH

Huawei Hisuite < 10.1.0.500 - Uncontrolled Search Path

Title source: rule

Description

Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing.

References (1)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-01-dllhijacking-en

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 20.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

huawei/hisuite < 10.1.0.500

Timeline

Published Jul 06, 2020

Tracked Since Feb 18, 2026