1 |
Stack-based buffer overflow (CWE-121), CVE-2020-6989 |
The attacker may execute arbitrary codes or target the device to cause it to go out of service. |
2 |
Use of a broken or risky cryptographic algorithm (CWE-327), CVE-2020-6987 / CNVD-2020-13511 |
Using a weak cryptographic algorithm may allow confidential information to be disclosed. |
3 |
Use of a broken or risky cryptographic algorithm (CWE-327), CVE-2020-6987 / CNVD-2020-13511 |
Improper implementation of the cryptographic function may allow confidential information to be disclosed. |
4 |
Use of a hard-coded cryptographic key (CWE-321), CVE-2020-6983 / CNVD-2020-13512 |
Using a hard-coded cryptographic key increases the possibility that confidential data can be recovered. |
5 |
Use of a hard-coded password (CWE-798), CVE-2020-6985 / CNVD-2020-13513 |
A user with malicious intent may gain access to the system without proper authentication. |
6 |
Weak password requirements (CWE-521), CVE-2020-6995 / CNVD-2020-13514 |
A user with malicious intent may try to retrieve credentials by using brute force. |
7 |
Information exposure (CWE-200), CVE-2020-6993 / CNVD-2020-13507 |
A user with malicious intent could steal sensitive information by performing a zero-day attack. |