CVE-2020-9206 — MEDIUM (6.7)

Vulnerability Description

The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Huawei	Eudc660 Firmware	v100r005c00
Huawei	Eudc660	-

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-resourVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210203-01-resourVendor Advisory

FAQ

What is CVE-2020-9206?

CVE-2020-9206 is a vulnerability with a CVSS score of 6.7 (MEDIUM). The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper r...

How severe is CVE-2020-9206?

CVE-2020-9206 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-9206?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Eudc660 Firmware, Huawei Eudc660.