CVE-2020-9099

Name of the Vulnerable Software and Affected Versions: Huawei products versions V500R001C00 through V500R005C20 Huawei products versions V500R002C00 through V500R002C30 NIP6300 (affected versions not specified) NIP6600 (affected versions not specified) NIP6800 (affected versions not specified) Secospace USG6300 (affected versions not specified) Secospace USG6500 (affected versions not specified) Secospace USG6600 (affected versions not specified) USG9500 (affected versions not specified)

Description: The issue is related to improper authentication in Huawei products. Attackers can exploit this issue by performing certain operations, which may allow them to obtain certain permissions on the device or elevate their privileges. Successful exploitation may also lead to arbitrary code execution or cause a denial of service.

Recommendations: For versions V500R001C00 through V500R005C20, update to a version that includes the fix for the improper authentication vulnerability. For versions V500R002C00 through V500R002C30, update to a version that includes the fix for the improper authentication vulnerability. For NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600, and USG9500, at the moment, there is no information about a newer version that contains a fix for this vulnerability.