CVE-2020-1875 Information

Description

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200V500R001C30SPC600V500R001C60SPC500;USG9500 versions V500R001C30SPC200V500R001C30SPC600V500R001C60SPC500.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5