CVE-2021-40043
HIGHHuawei AIS-BW80H-00 Firmware < 9.0.3.4(H100SP13C00) - Laser Command Injection
Title source: llmDescription
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4(H100SP13C00). The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerability could execute voice commands on the device.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220126-01-df75863e-en
Scores
CVSS v3
7.8
EPSS
0.0014
EPSS Percentile
33.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-77
Status
published
Products (1)
huawei/ais-bw80h-00_firmware
< 9.0.3.4\(h100sp13c00\)
Published
Feb 25, 2022
Tracked Since
Feb 18, 2026