7.2
CVE-2021-37101
- EPSS 0.02%
- Published 09.09.2021 14:15:08
- Last modified 21.11.2024 06:14:39
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Ais-bw50-00 Firmware Version9.0.6.2(h100sp10c00)
Huawei ≫ Ais-bw50-00 Firmware Version9.0.6.2(h100sp15c00)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.035 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|