CVE-2020-9101

Name of the Vulnerable Software and Affected Versions IPS Module versions V500R005C00, V500R005C10 NGFW Module versions V500R005C00, V500R005C10 Secospace USG6300 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10 Secospace USG6500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10 Secospace USG6600 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10 USG9500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10

Description The issue is an out-of-bounds write vulnerability. An unauthenticated attacker can craft malformed packets with a specific parameter and send them to the affected products. Due to insufficient validation of packets, this may be exploited to cause the process to reboot.

Recommendations For IPS Module versions V500R005C00, V500R005C10, update to a version that includes the fix for this issue. For NGFW Module versions V500R005C00, V500R005C10, update to a version that includes the fix for this issue. For Secospace USG6300 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10, update to a version that includes the fix for this issue. For Secospace USG6500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10, update to a version that includes the fix for this issue. For Secospace USG6600 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10, update to a version that includes the fix for this issue. For USG9500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10, update to a version that includes the fix for this issue. As a temporary workaround, consider implementing additional validation for incoming packets to minimize the risk of exploitation.