PT-2020-15104 · Huawei · Secospace Usg9500+3
Published
2020-01-22
·
Updated
2021-07-21
·
CVE-2020-1828
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00
Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00
Description
The issue is related to an input validation vulnerability in the IPSec module, where it fails to validate a field in a specific message. This allows attackers to send a specific message that can cause an out-of-bound read, compromising normal service.
Recommendations
For Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00, consider disabling the IPSec module until a patch is available.
For Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00, restrict access to the IPSec module to minimize the risk of exploitation.
Fix
Out of bounds Read
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Huawei Nip6800
Huawei Vrp
Secospace Usg6600
Secospace Usg9500