CVE-2020-1862
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050.
Se presenta una vulnerabilidad de doble liberación en algunos productos Huawei. Un atacante local con pocos privilegios puede llevar a cabo algunas operaciones para explotar la vulnerabilidad. Debido a una memoria doblemente liberada, la explotación con éxito puede causar algún servicio anormal. Las versiones de productos afectados incluyen: CampusInsight versiones V100R019C00; ManageOne versiones 6.5.RC2.B050.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-29 CVE Reserved
- 2020-03-20 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-415: Double Free
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-01-free-en | 2020-03-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Campusinsight Search vendor "Huawei" for product "Campusinsight" | v100r019c00 Search vendor "Huawei" for product "Campusinsight" and version "v100r019c00" | - |
Affected
| ||||||
| Huawei Search vendor "Huawei" | Manageone Search vendor "Huawei" for product "Manageone" | 6.5 Search vendor "Huawei" for product "Manageone" and version "6.5" | rc2.b050 |
Affected
| ||||||