PT-2020-15132 · Huawei · Usg9500+3
Published
2020-02-19
·
Updated
2020-03-04
·
CVE-2020-1875
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
NIP6800 versions V500R001C30, V500R001C60SPC500
Secospace USG6600 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500
USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500
Description
The software system accesses an invalid pointer when an abnormal condition occurs in certain operations. Successful exploitation could cause certain process reboot.
Recommendations
For NIP6800 versions V500R001C30 and V500R001C60SPC500, update to a version that fixes the invalid pointer access vulnerability.
For Secospace USG6600 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500, update to a version that fixes the invalid pointer access vulnerability.
For USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500, update to a version that fixes the invalid pointer access vulnerability.
As a temporary workaround, consider restricting operations that may trigger the abnormal condition until a patch is available.
Fix
Access of Uninitialized Pointer
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Vrp
Nip6800
Secospace Usg6600
Usg9500