Vulnerability Details CVE-2020-9209
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.4%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 4.6
References
Products affected by CVE-2020-9209
-
cpe:2.3:h:huawei:smc2.0:-
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc700
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c00spc800
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc500
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc600
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc601
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc602
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc700
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spc800
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spca00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcb00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcc00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spcd00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r006c10spce00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r019c00
-
cpe:2.3:o:huawei:smc2.0_firmware:v600r019c10