Out-of-Bounds Read Vulnerability in Huawei USG6000V Devices
CVE-2020-1863

7.5HIGH

Key Information:

Vendor: Huawei
Status: Huawei Usg6000v
Vendor: CVE Published:; 12 March 2020

Summary

Huawei USG6000V devices contain a vulnerability due to a logical flaw in the JSON parsing routine. This out-of-bounds read could allow a remote, unauthenticated attacker to exploit the flaw, potentially disrupting service for users of the affected versions. Ensuring timely updates and patches is crucial for maintaining the security posture of these devices.

Affected Version(s)

Huawei USG6000V V500R001C20SPC300

Huawei USG6000V V500R003C00SPC100

Huawei USG6000V V500R005C00SPC100

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 12, 2020
Vulnerability Reserved
Nov 29, 2019