Vulnerability Details : CVE-2020-9241
Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device.
Products affected by CVE-2020-9241
- cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\(h563sp1c00\):*:*:*:*:*:*:*
- cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\(h563sp21c233\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-9241
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 41 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-9241
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.0
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.2
|
4.7
|
NIST |
References for CVE-2020-9241
-
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200812-01-auth-en
Security Advisory - Improper Authorization Vulnerability in Several ProductsVendor Advisory
Jump to