CVE-2020-1861
Description
CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authenticated attacker can trigger information leakage in certain Huawei CloudEngine 12800 versions due to improper data processing.
Vulnerability
An information leakage vulnerability exists in Huawei CloudEngine 12800 series switches running specific firmware versions: V200R001C00SPC600, V200R001C00SPC700, V200R002C01, V200R002C50SPC800, V200R002C50SPC800PWE, V200R003C00SPC810, V200R003C00SPC810PWE, V200R005C00SPC600, V200R005C00SPC800, V200R005C00SPC800PWE, V200R005C10, and V200R005C10SPC300 [1]. The vulnerability arises because the software processes data improperly under certain special conditions, potentially disclosing sensitive information [1].
Exploitation
An attacker must first authenticate to the affected device [1]. No further technical details about the exact attack vector or required privileges are provided in the advisory. The description indicates that exploitation occurs only in “some special cases,” implying specific configurations or input sequences are needed [1].
Impact
Successful exploitation leads to information leakage, meaning the attacker can obtain sensitive data that should not be accessible [1]. The advisory does not specify the type or scope of information disclosed, nor the privilege level after compromise.
Mitigation
Huawei has released software updates to fix this vulnerability [1]. The fix is version V200R005C10SPC800 for the CloudEngine 12800 series [1]. Users should upgrade to this resolved version. No workarounds are mentioned.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Huawei/CloudEnginedescription
- Range: Egal: V200R001C00SPC600, V200R001C00SPC700, V200R002C01, V200R002C50SPC800, V200R002C50SPC800PWE, V200R003C00SPC810, V200R003C00SPC810PWE, V200R005C00SPC600, V200R005C00SPC800, V200R005C00SPC800PWE, V200R005C10, V200R005C10SPC300
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-leak-enmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.