Unrated severityNVD Advisory· Published Feb 17, 2020· Updated Aug 4, 2024
CVE-2020-1828
CVE-2020-1828
Description
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.
Affected products
6- Range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00+ 1 more
- (no CPE)range: V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00
- (no CPE)range: V500R001C30SPC200
Patches
Vulnerability mechanics
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-ipsec-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.