Out-of-Bounds Read Vulnerability in Huawei Network Products
CVE-2020-1866

6.5MEDIUM

Key Information:

Summary

An out-of-bounds read vulnerability exists in several Huawei network products. This issue arises when the software processes crafted DHCP messages, leading to reading past the end of the designated buffer. Exploiting this vulnerability may result in abnormal service behavior. Affected products encompass a range of Huawei's networking equipment, making timely updates crucial to mitigate potential risks.

Affected Version(s)

NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 V500R001C30,V500R001C60SPC500,V500R005C00

NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 V200R008C00

NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.