Out-of-Bounds Write Vulnerability in Huawei IPS and NGFW Modules
CVE-2020-9101

6.5MEDIUM

Key Information:

Vendor
Huawei
Vendor
CVE Published:
18 July 2020

Summary

An out-of-bounds write vulnerability exists in various Huawei products, allowing unauthenticated attackers to send specially crafted packets to affected devices. Due to inadequate validation of these packets, attackers may exploit this vulnerability to cause unexpected reboots of the process, potentially leading to disruption of services and compromised security measures.

Affected Version(s)

IPS Module V500R005C00

IPS Module V500R005C10

NGFW Module V500R005C00

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.