Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to access the protecting information, resulting in the elevation of the privilege.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201014-01-privilege-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-10-19 13:15
Updated : 2020-10-26 14:09
NVD link : CVE-2020-9112
Mitre link : CVE-2020-9112
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
huawei
- taurus-an00b
- taurus-an00b_firmware