CVE-2020-1818

CVSS 3.7 LOWEPSS 0.2%CWE-125

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Productos afectados

Huawei · IPS Module Huawei · NGFW Module Huawei · NIP6300 Huawei · NIP6600 Huawei · NIP6800 Huawei · Secospace USG6300 Huawei · Secospace USG6500 Huawei · Secospace USG6600 Huawei · USG6000V

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20191218-01-cops-en