Out-of-Bounds Write Vulnerability in Huawei IPS and NGFW Modules
CVE-2020-9101
6.5MEDIUM
Key Information:
- Vendor
- Huawei
- Vendor
- CVE Published:
- 18 July 2020
Summary
An out-of-bounds write vulnerability exists in various Huawei products, allowing unauthenticated attackers to send specially crafted packets to affected devices. Due to inadequate validation of these packets, attackers may exploit this vulnerability to cause unexpected reboots of the process, potentially leading to disruption of services and compromised security measures.
Affected Version(s)
IPS Module V500R005C00
IPS Module V500R005C10
NGFW Module V500R005C00
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved