Lucene search

Huawei TechnologiesHUAWEI-SA-IBVISHSSP-4BF951D4

HistoryDec 06, 2023 - 12:00 a.m.

Security Advisory - Identity Bypass Vulnerability in Some Huawei Smart Screen Products

2023-12-0600:00:00

Huawei Technologies

www.huawei.com

security advisory

bluetooth module

huawei

smart screen

identity authentication

vulnerability

exploitation

access

restricted functions

cve-2023-6514

software

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.5%

JSON

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2023-82635)

This vulnerability has been assigned a (CVE) ID: CVE-2023-6514

Affected configurations

Vulners

Node

huaweiajmd-370sMatchajmd-370s

huaweiajmd-370sMatch103.1.0.110

CPENameOperatorVersion
ajmd-370seqAJMD-370S
ajmd-370seq103.1.0.110

CPE	Name	Operator	Version
	ajmd-370s	eq	AJMD-370S
	ajmd-370s	eq	103.1.0.110

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.5%

JSON

Related for HUAWEI-SA-IBVISHSSP-4BF951D4