Invalid Pointer Access Vulnerability in Huawei Secospace and NIP6800 Products
CVE-2020-1875

5.5MEDIUM

Key Information:

Vendor: Huawei
Status: Nip6800;secospace Usg6600;usg9500
Vendor: CVE Published:; 28 February 2020

Summary

Huawei's NIP6800 and Secospace product lines have a vulnerability that results from the software attempting to access an invalid pointer during specific abnormal conditions. This flaw, if successfully exploited, may lead to an unexpected reboot of affected processes. The issue affects numerous versions across NIP6800 and Secospace devices, highlighting the need for immediate review and remediation to ensure system integrity.

Affected Version(s)

NIP6800;Secospace USG6600;USG9500 V500R001C30,V500R001C60SPC500

NIP6800;Secospace USG6600;USG9500 V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 28, 2020
Vulnerability Reserved
Nov 29, 2019