CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1883
https://notcve.org/view.php?id=CVE-2020-1883
05 Jun 2020 — Huawei products NIP6800;Secospace USG6600;USG9500 have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal. Los productos Huawei NIP6800; Secospace USG6600; USG9500, presentan una vulnerabilidad de pérdida de memoria. Un atacante muy privilegiado puede explotar esta vulnerabilidad llevando a cabo continuamente operaciones específicas. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200603-01-memory-en • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.9EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1877
https://notcve.org/view.php?id=CVE-2020-1877
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no válido. El sistema del software acced... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-05-invalidpointer-en • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-1876
https://notcve.org/view.php?id=CVE-2020-1876
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de escritura fu... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-outofwrite-en • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-1881
https://notcve.org/view.php?id=CVE-2020-1881
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, p... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200429-01-invalidpointer-en •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-1860
https://notcve.org/view.php?id=CVE-2020-1860
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnera... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1874
https://notcve.org/view.php?id=CVE-2020-1874
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. Los productos NIP6800; Secospace USG6600; USG9500 versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no válido. El sistema del softw... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-invalidpointer-en • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1873
https://notcve.org/view.php?id=CVE-2020-1873
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot. Los productos NIP6800; Secospace USG6600; USG9500 con versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabi... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-outofboundread-en • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-1875
https://notcve.org/view.php?id=CVE-2020-1875
28 Feb 2020 — NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R00... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en • CWE-824: Access of Uninitialized Pointer •
CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1814
https://notcve.org/view.php?id=CVE-2020-1814
18 Feb 2020 — Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some servic... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1830
https://notcve.org/view.php?id=CVE-2020-1830
17 Feb 2020 — Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service. Huawei NIP6800 versiones V500R001C30, V500R001C60SPC500 y V500R005C00; Secospace USG6600 y USG9500 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-04-ipsec-en • CWE-125: Out-of-bounds Read •