Vulnerability Description
Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Nip6800 Firmware | v500r001c30 |
| Huawei | Nip6800 | - |
| Huawei | Secospace Usg6600 Firmware | v500r001c30spc200 |
| Huawei | Secospace Usg6600 | - |
| Huawei | Usg9500 Firmware | v500r001c30spc200 |
| Huawei | Usg9500 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-ipsec-eVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200212-03-ipsec-eVendor Advisory
FAQ
What is CVE-2020-1829?
CVE-2020-1829 is a vulnerability with a CVSS score of 7.5 (HIGH). Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec mo...
How severe is CVE-2020-1829?
CVE-2020-1829 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-1829?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Nip6800 Firmware, Huawei Nip6800, Huawei Secospace Usg6600 Firmware, Huawei Secospace Usg6600, Huawei Usg9500 Firmware.