CVE-2023-6514

2023-12-0609:15:09

CWE-840

CWE-287

[email protected]

web.nvd.nist.gov

huawei

smart screen

bluetooth

authentication

bypass

vulnerability

attackers

restricted functions

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

21.5%

JSON

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.

Successful exploitation of this vulnerability may allow attackers to access restricted functions.

Affected configurations

Nvd

Node

huaweiajmd-370s_firmwareMatch103.1.0.110\(sp12c00e2r1p2\)

AND

huaweiajmd-370sMatch-

VendorProductVersionCPE
huaweiajmd-370s_firmware103.1.0.110(sp12c00e2r1p2)cpe:2.3:o:huawei:ajmd-370s_firmware:103.1.0.110\(sp12c00e2r1p2\):*:*:*:*:*:*:*
huaweiajmd-370s-cpe:2.3:h:huawei:ajmd-370s:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	ajmd-370s_firmware	103.1.0.110(sp12c00e2r1p2)	cpe:2.3:o:huawei:ajmd-370s_firmware:103.1.0.110\(sp12c00e2r1p2\):::::::*
huawei	ajmd-370s	-	cpe:2.3:h:huawei:ajmd-370s:-:::::::*