| 1 |
Stack-based buffer overflow (CWE-121), CVE-2020-6989 |
The attacker may execute arbitrary codes or target the device to cause it to go out of service. |
| 2 |
Use of a broken or risky cryptographic algorithm (CWE-327), CVE-2020-6987 / CNVD-2020-13511 |
Using a weak cryptographic algorithm may allow confidential information to be disclosed. |
| 3 |
Use of a broken or risky cryptographic algorithm (CWE-327), CVE-2020-6987 / CNVD-2020-13511 |
Improper implementation of the cryptographic function may allow confidential information to be disclosed. |
| 4 |
Use of a hard-coded cryptographic key (CWE-321), CVE-2020-6983 / CNVD-2020-13512 |
Using a hard-coded cryptographic key increases the possibility that confidential data can be recovered. |
| 5 |
Use of a hard-coded password (CWE-798), CVE-2020-6985 / CNVD-2020-13513 |
A user with malicious intent may gain access to the system without proper authentication. |
| 6 |
Weak password requirements (CWE-521), CVE-2020-6995 / CNVD-2020-13514 |
A user with malicious intent may try to retrieve credentials by using brute force. |
| 7 |
Information exposure (CWE-200), CVE-2020-6993 / CNVD-2020-13507 |
A user with malicious intent could steal sensitive information by performing a zero-day attack. |