Out-of-Bounds Read Vulnerabilities in Huawei Products' COPS Implementation
CVE-2020-1819

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Ips Module; Ngfw Module; Nip6300; Nip6600
Vendor: CVE Published:; 27 December 2024

Summary

Huawei products experience a set of out-of-bounds read vulnerabilities within the implementation of the Common Open Policy Service (COPS) protocol. These vulnerabilities may be triggered during the processing of incoming data packets by the specific decoding function, leading to potential service disruptions on affected devices. Individuals and organizations using Huawei products should be aware of these issues and take necessary precautions to safeguard their systems.

Affected Version(s)

IPS Module V500R001C30

IPS Module V500R001C60

IPS Module V500R005C00

References

https://www.huawei.com/en/psirt/security-advisories/2020/...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 27, 2024
Vulnerability Reserved
Nov 29, 2019