CVE-2020-1818

CWE-125Out-of-bounds Read3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 76.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Huawei IPS ModuleHuawei Ngfw ModuleHuawei Nip6300+15 more
Timeline
PublishedDec 27

Description

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 2.2 | Impact: 1.4

Affected Packages18 packages

CVEListV5huawei/nip6300V500R001C30, V500R001C60, V500R005C00+2
CVEListV5huawei/nip6600V500R001C30, V500R001C60, V500R005C00+2
CVEListV5huawei/nip6800V500R001C60, V500R005C00+1
CVEListV5huawei/usg6000vV500R003C00
CVEListV5huawei/ips_moduleV500R001C30, V500R001C60, V500R005C00+2

🔴Vulnerability Details

2
CVEList
CVE-2020-1818: There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei pro2024-12-27
GHSA
GHSA-mcxh-4gjr-cmr4: There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei pro2024-12-27
CVE-2020-1818 (MEDIUM CVSS 5.3) | There are multiple out of bounds (O | cvebase.io