1. Home
  2. CVE Database
  3. CVE-2020-1820
LOW · 3.7

CVE-2020-1820

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur ou...

Vulnerability Description

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

CVSS Score

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
HuaweiIps Module Firmwarev500r001c30
HuaweiIps Module-
HuaweiNgfw Module Firmwarev500r002c00
HuaweiNgfw Module-
HuaweiNip6300 Firmwarev500r001c30
HuaweiNip6300-
HuaweiNip6600 Firmwarev500r001c30
HuaweiNip6600-
HuaweiNip6800 Firmwarev500r001c60
HuaweiNip6800-
HuaweiSecospace Usg6300 Firmwarev500r001c30
HuaweiSecospace Usg6300-
HuaweiSecospace Usg6500 Firmwarev500r001c30
HuaweiSecospace Usg6500-
HuaweiSecospace Usg6600 Firmwarev500r001c30
HuaweiSecospace Usg6600-
HuaweiUsg6000V Firmwarev500r003c00
HuaweiUsg6000V-

Related Weaknesses (CWE)

CWE-125

References

FAQ

What is CVE-2020-1820?

CVE-2020-1820 is a vulnerability with a CVSS score of 3.7 (LOW). There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur ou...

How severe is CVE-2020-1820?

CVE-2020-1820 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-1820?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Ips Module Firmware, Huawei Ips Module, Huawei Ngfw Module Firmware, Huawei Ngfw Module, Huawei Nip6300 Firmware.