CVE-2020-1877

Name of the Vulnerable Software and Affected Versions NIP6800 versions V500R001C30 through V500R005C00SPC100 Secospace USG6600 versions V500R001C30 through V500R005C00SPC100 USG9500 versions V500R001C30 through V500R005C00SPC100

Description The software system accesses an invalid pointer when an administrator logs in to the device and performs some operations. Successful exploitation could cause certain process reboot.

Recommendations For NIP6800 versions V500R001C30 through V500R005C00SPC100, restrict access to administrative operations until a patch is available. For Secospace USG6600 versions V500R001C30 through V500R005C00SPC100, consider disabling the login functionality for administrators as a temporary workaround. For USG9500 versions V500R001C30 through V500R005C00SPC100, avoid performing critical operations after administrator login until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.