Vulnerability Details CVE-2021-40043
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H-00 9.0.3.4(H100SP13C00). The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerability could execute voice commands on the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2021-40043
-
cpe:2.3:h:huawei:ais-bw80h-00:-
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:-
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.1(h100sp13c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.1(h100sp18c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.1(h100sp3c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.1(h100sp9c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.2(h100sp1c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.2(h100sp2c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.2(h100sp5c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.2(h100sp8c00)
-
cpe:2.3:o:huawei:ais-bw80h-00_firmware:9.0.3.3(h100sp1c00)