CVE-2020-9086
low-risk
Published 2024-12-27
There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vulnerability ID: HWPSIRT-2017-08234) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9086.
Do I need to act?
-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.3/10
Medium
ADJACENT_NETWORK
/ LOW complexity
Affected Products (3)
B612 Firmware
B612 Firmware
B612 Firmware
Affected Vendors
References (1)
24
/ 100
low-risk
Severity
15/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
9/34 · Low