PT-2020-20521 · Huawei · Usg9500+3

Published

2020-01-22

Updated

2020-12-28

CVE-2020-9201

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions NIP6800 (affected versions not specified) Secospace USG6600 (affected versions not specified) USG9500 (affected versions not specified)

Description The issue is related to an out-of-bounds read when the software parses DHCP messages that include crafted parameters. This could cause certain services to become abnormal. The software reads data past the end of the intended buffer.

Recommendations For NIP6800, there is no information about a newer version that contains a fix for this issue. For Secospace USG6600, there is no information about a newer version that contains a fix for this issue. For USG9500, there is no information about a newer version that contains a fix for this issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2020-9201

Affected Products

Huawei Vrp

Nip6800

Secospace Usg6600

Usg9500

PT-2020-20521 · Huawei · Usg9500+3

CVE-2020-9201

Weakness Enumeration

Related Identifiers

Affected Products

References · 5