CVE-2020-1858

Name of the Vulnerable Software and Affected Versions Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100 Huawei Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 Huawei USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100

Description The issue is related to a denial of service vulnerability. Attackers need to perform a series of operations in a special scenario to exploit this vulnerability. Successful exploit may cause new connections to be unable to be established, resulting in a denial of service. In some abnormal cases, the software does not correctly process data, allowing an attacker to exploit this vulnerability.

Recommendations For Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100, update to a version that includes the fix for this vulnerability. For Huawei Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100, update to a version that includes the fix for this vulnerability. For Huawei USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100, update to a version that includes the fix for this vulnerability. As a temporary workaround, consider restricting access to the affected systems to minimize the risk of exploitation.