CVE-2020-1814
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.
Huawei NIP6800 versiones V500R001C30, V500R001C60SPC500 y V500R005C00; Secospace USG6600 y USG9500 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500 y V500R005C00, presentan una vulnerabilidad de desreferencia del puntero Dangling. Un atacante autenticado puede llevar a cabo algunas operaciones especiales en los productos afectados en algunos escenarios especiales para explotar está vulnerabilidad. Debido a condiciones de carrera inapropiadas de diferentes operaciones, una explotación con éxito conllevará a una desreferencia del puntero Dangling, causando algún servicio anormal.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-29 CVE Reserved
- 2020-02-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewall-en | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r001c30 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r001c30" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r005c00 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c30spc200 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c30spc200" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c30spc600 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c30spc600" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r005c00 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c30spc200 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c30spc200" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c30spc600 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c30spc600" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r005c00 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|