There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
References
Link | Resource |
---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-pe-en | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-01-13 15:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-9209
Mitre link : CVE-2020-9209
JSON object : View
CWE
CWE-862
Missing Authorization
Products Affected
huawei
- smc2.0_firmware
- smc2.0