Vulnerability Description
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful exploit will lead to Dangling pointer dereference, causing some service abnormal.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Nip6800 Firmware | v500r001c30 |
| Huawei | Nip6800 | - |
| Huawei | Secospace Usg6600 Firmware | v500r001c30spc200 |
| Huawei | Secospace Usg6600 | - |
| Huawei | Usg9500 Firmware | v500r001c30spc200 |
| Huawei | Usg9500 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewalVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-01-firewalVendor Advisory
FAQ
What is CVE-2020-1814?
CVE-2020-1814 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling...
How severe is CVE-2020-1814?
CVE-2020-1814 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1814?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Nip6800 Firmware, Huawei Nip6800, Huawei Secospace Usg6600 Firmware, Huawei Secospace Usg6600, Huawei Usg9500 Firmware.