CVE-2020-9111
CVE-2020-9111 is a medium-severity vulnerability in Huawei E6878-370 Firmware with a CVSS 3.x base score of 4.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 3.x base score 4.5)
- CVSS v2: 2.7
- EPSS exploit prediction: 0% (21st percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Huawei E6878-370 Firmware
- Published:
- Last modified:
Description
E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.
Frequently asked questions
- What is CVE-2020-9111?
- E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability. The system does not properly check some events, an attacker could launch the events continually, successful exploit could cause reboot of the process.
- How severe is CVE-2020-9111?
- CVE-2020-9111 has a CVSS 3.x base score of 4.5, rated medium severity. It is exploitable over an adjacent network with low attack complexity, requires high privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2020-9111 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (21st percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2020-9111?
- CVE-2020-9111 primarily affects Huawei E6878-370 Firmware. In total, 4 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2020-9111?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2020-9111 published?
- CVE-2020-9111 was published on 2020-10-19 and last updated on 2026-06-17.
References
Affected products (4)
- cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\(h557sp27c233\):*:*:*:*:*:*:*
- cpe:2.3:o:huawei:e6878-370_firmware:10.0.3.1\(h563sp21c233\):*:*:*:*:*:*:*
- cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\(h557sp27c233\):*:*:*:*:*:*:*
- cpe:2.3:o:huawei:e6878-870_firmware:10.0.3.1\(h563sp11c233\):*:*:*:*:*:*:*
More vulnerabilities in Huawei E6878-370 Firmware
- CVE-2020-1832 — High (CVSS 8.8): E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow…
- CVE-2020-1799 — High (CVSS 7.5): E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free…
- CVE-2020-9241 — High (CVSS 7.0): Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper…
- CVE-2020-9069 — Medium (CVSS 6.5): There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could…