CVE-2020-1814

Published: Feb 18, 2020Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.6 / Impact: 3.6

Source: NVD

Description

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.

Affected (11)

Products: Huawei: Nip6800 Firmware, Secospace Usg6600 Firmware, Usg9500 Firmware

Huawei

3 products

Nip6800 Firmware

Secospace Usg6600 Firmware

Usg9500 Firmware

Configuration A

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Nip6800 Firmware	Version v500r001c30
Huawei Nip6800 Firmware	Version v500r001c60spc500
Huawei Nip6800 Firmware	Version v500r005c00

Running on/with	Platform Versions
Huawei Nip6800	All versions

Configuration B

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Secospace Usg6600 Firmware	Version v500r001c30spc200
Huawei Secospace Usg6600 Firmware	Version v500r001c30spc600
Huawei Secospace Usg6600 Firmware	Version v500r001c60spc500
Huawei Secospace Usg6600 Firmware	Version v500r005c00

Running on/with	Platform Versions
Huawei Secospace Usg6600	All versions

Configuration C

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Usg9500 Firmware	Version v500r001c30spc200
Huawei Usg9500 Firmware	Version v500r001c30spc600
Huawei Usg9500 Firmware	Version v500r001c60spc500
Huawei Usg9500 Firmware	Version v500r005c00

Running on/with	Platform Versions
Huawei Usg9500	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (2)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en

Source: psirt@huawei.com

Vendor Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.