CVE-2021-22396
HIGHHuawei eCNS280_TD and eSE620X vESS - Privilege Escalation via Improper File Access
Title source: llmDescription
There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210714-01-privilege-en
Scores
CVSS v3
7.8
EPSS
0.0002
EPSS Percentile
6.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (4)
huawei/ecns280_td_firmware
v100r005c00
huawei/ecns280_td_firmware
v100r005c10
huawei/ese620x_vess_firmware
v100r001c10spc200
huawei/ese620x_vess_firmware
v100r001c20spc200
Published
Aug 02, 2021
Tracked Since
Feb 18, 2026