Medium severity6.8NVD Advisory· Published Jan 12, 2016· Updated May 6, 2026

CVE-2015-8673

Description

Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by leveraging an unattended workstation.

Affected products

Huawei/Te30
cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*
Huawei/Te40
cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*
Huawei/Te50
cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*
Huawei/Te60
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*
Huawei/Te60 Firmware
cpe:2.3:o:huawei:te60_firmware:*:*:*:*:*:*:*:*
Range: <=v100r001c10b022

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/hw-462952nvd

News mentions

No linked articles in our index yet.

cvss	0.442
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000