CVE-2020-1866
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
Se presenta una vulnerabilidad de lectura fuera de límites en varios productos. El software lee los datos más allá del final del búfer previsto cuando se analizan determinados mensajes DHCP diseñados. Una explotación con éxito podría causar un servicio anormal. versiones afectadas de productos incluyen: NIP6800 versiones V500R001C30, V500R001C30,V500R001C60; SPC500 versiones V500R005C00; S12700 versiones V200R008C00; S2700 versiones V200R008C00; S5700 versiones V200R008C00; S6700 versiones V200R008C00; S7700 versiones V200R008C00; S9700 versiones V200R008C00; Secospace USG6600 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC300 versiones V500R001C30; SPC600 versiones V500R001C60 y SPC500 versiones V500R005C00
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-29 CVE Reserved
- 2021-01-13 CVE Published
- 2023-09-29 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en | 2021-01-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r001c30 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r001c30" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Nip6800 Firmware Search vendor "Huawei" for product "Nip6800 Firmware" | v500r005c00 Search vendor "Huawei" for product "Nip6800 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Nip6800 Search vendor "Huawei" for product "Nip6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S12700 Firmware Search vendor "Huawei" for product "S12700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S12700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S12700 Search vendor "Huawei" for product "S12700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S2700 Firmware Search vendor "Huawei" for product "S2700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S2700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S2700 Search vendor "Huawei" for product "S2700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S5700 Firmware Search vendor "Huawei" for product "S5700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S5700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S5700 Search vendor "Huawei" for product "S5700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S6700 Firmware Search vendor "Huawei" for product "S6700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S6700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S6700 Search vendor "Huawei" for product "S6700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S7700 Firmware Search vendor "Huawei" for product "S7700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S7700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S7700 Search vendor "Huawei" for product "S7700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | S9700 Firmware Search vendor "Huawei" for product "S9700 Firmware" | v200r008c00 Search vendor "Huawei" for product "S9700 Firmware" and version "v200r008c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | S9700 Search vendor "Huawei" for product "S9700" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c30spc200 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c30spc200" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c30spc600 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c30spc600" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Secospace Usg6600 Firmware Search vendor "Huawei" for product "Secospace Usg6600 Firmware" | v500r005c00 Search vendor "Huawei" for product "Secospace Usg6600 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Secospace Usg6600 Search vendor "Huawei" for product "Secospace Usg6600" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c30spc300 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c30spc300" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c30spc600 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c30spc600" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r001c60spc500 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c60spc500" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Usg9500 Firmware Search vendor "Huawei" for product "Usg9500 Firmware" | v500r005c00 Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Usg9500 Search vendor "Huawei" for product "Usg9500" | - | - |
Safe
|