Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 4, 2024

CVE-2020-1816

Description

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A DoS vulnerability in Huawei NIP6800, Secospace USG6600, and USG9500 allows remote attackers to disrupt IPSec function via crafted IPSEC packets.

Vulnerability

A denial of service (DoS) vulnerability exists in Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00. The issue stems from improper processing of specific IPSEC packets, which can be triggered without any special configuration or authentication [1].

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending specially crafted IPSEC packets to the affected device. No user interaction or prior access is required. The attacker only needs network reachability to the target device's IPSec interface [1].

Impact

Successful exploitation causes the IPSec function of the device to become abnormal, resulting in a denial of service condition. The attack does not lead to information disclosure, privilege escalation, or code execution; it solely disrupts IPSec processing [1].

Mitigation

Huawei has released software updates to fix this vulnerability. The resolved version is V500R005C20SPC300 for all affected products. The security advisory was published on 2020-02-12 [1]. No workarounds are documented. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.

References

Security Advisory - Denial of Service Vulnerability in Some Huawei Firewall Products

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Huawei/NIP6800llm-fuzzy
Range: V500R001C30, V500R001C60SPC500, V500R005C00
Huawei/USG9500llm-fuzzy
Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
Huawei/USG6600llm-fuzzy
Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
Huawei/NIP6800v5
Range: V500R001C30
Huawei/Secospace Usg6600 Firmwarecpe-rescue
Range: V500R001C30SPC200

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-firewall-enmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000