CVE-2020-9222

Summary

There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222.

Affected Software

VendorProductVersion RangeStatus
HuaweiFusionCompute6.3.0affected
HuaweiFusionCompute6.3.1affected
HuaweiFusionCompute6.5.0affected
HuaweiFusionCompute6.5.1affected
HuaweiFusionCompute8.0.0affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References