Unrated severityNVD Advisory· Published Feb 18, 2020· Updated Aug 4, 2024

CVE-2020-1814

Description

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A dangling pointer dereference vulnerability in Huawei NIP6800, Secospace USG6600, and USG9500 allows authenticated attackers to cause service disruption via race conditions.

Vulnerability

A dangling pointer dereference vulnerability exists in Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 [1]. The vulnerability occurs due to improper race conditions during concurrent operations on the affected products.

Exploitation

An authenticated attacker must perform special operations in the affected products under specific scenarios to trigger the race condition [1]. The attacker does not require network access beyond authenticated administrative privileges. The exploitation relies on timing windows between different operations, leading to a dangling pointer dereference.

Impact

Successful exploitation results in a dangling pointer dereference, causing abnormal behavior or disruption of services [1]. The impact is primarily denial of service, with potential for system instability.

Mitigation

Huawei has released software updates to fix this vulnerability. For NIP6800, upgrade to V500R005C20SPC300; for Secospace USG6600 and USG9500, upgrade to V500R005C20SPC300 [1]. Users should apply the updates from Huawei's official support channels.

References

Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Huawei/NIP6800llm-fuzzy
Range: V500R001C30, V500R001C60SPC500, V500R005C00
Huawei/Secospace USG9500llm-fuzzy
Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
Huawei/Secospace USG6600llm-fuzzy
Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
Huawei/NIP6800v5
Range: V500R001C30
Huawei/Secospace Usg6600 Firmwarecpe-rescue
Range: V500R001C30SPC200

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-enmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000