PT-2020-15089 · Huawei · Secospace Usg9500+3

Published

2020-02-12

Updated

2021-07-21

CVE-2020-1816

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00 Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00

Description A Denial of Service (DoS) issue exists due to improper processing of specific IPSEC packets. Remote attackers can send constructed IPSEC packets to affected devices to exploit this issue. Successful exploitation could cause the IPSec function of the affected device to become abnormal.

Recommendations For Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00, consider disabling the IPSEC function until a patch is available. For Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00, restrict access to the IPSEC module to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-1816

Affected Products

Huawei Nip6800

Huawei Vrp

Secospace Usg6600

Secospace Usg9500

PT-2020-15089 · Huawei · Secospace Usg9500+3

CVE-2020-1816

Related Identifiers

Affected Products

References · 3