VYPR
Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 4, 2024

CVE-2020-1828

CVE-2020-1828

Description

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.

Affected products

6
  • Huawei/NIP6800llm-fuzzy2 versions
    V500R001C30, V500R001C60SPC500, V500R005C00+ 1 more
    • (no CPE)range: V500R001C30, V500R001C60SPC500, V500R005C00
    • (no CPE)range: V500R001C30
  • Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
  • V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00+ 1 more
    • (no CPE)range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
    • (no CPE)range: V500R001C30SPC200
  • Huawei/USG9500cpe-rescue
    Range: V500R001C30SPC200

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.