CVE-2020-9068
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.
Los productos Huawei AR3200 con versiones V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500, tiene una vulnerabilidad de autenticación inapropiada. Los atacantes deben llevar a cabo algunas operaciones para explotar la vulnerabilidad. Una explotación con éxito puede obtener determinados permisos en el dispositivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-02-18 CVE Reserved
- 2020-04-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200422-01-authentication-en | 2020-04-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r007c00spc900 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r007c00spc900" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r007c00spca00 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r007c00spca00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r007c00spcb00 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r007c00spcb00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r007c00spcc00 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r007c00spcc00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Ar3200 Firmware Search vendor "Huawei" for product "Ar3200 Firmware" | v200r009c00spc500 Search vendor "Huawei" for product "Ar3200 Firmware" and version "v200r009c00spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Ar3200 Search vendor "Huawei" for product "Ar3200" | - | - |
Safe
|