CVE-2020-1819Out-of-bounds Read in Huawei IPS Module

CWE-125Out-of-bounds Read3 documents3 sources
Severity
5.3MEDIUMNVD
CNA3.7
EPSS
0.1%
top 76.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Huawei IPS ModuleHuawei Ngfw ModuleHuawei Nip6300+15 more
Timeline
PublishedDec 27

Description

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages18 packages

CVEListV5huawei/nip6300V500R001C30, V500R001C60, V500R005C00+2
CVEListV5huawei/nip6600V500R001C30, V500R001C60, V500R005C00+2
CVEListV5huawei/nip6800V500R001C60, V500R005C00+1
CVEListV5huawei/usg6000vV500R003C00
CVEListV5huawei/ips_moduleV500R001C30, V500R001C60, V500R005C00+2

🔴Vulnerability Details

2
GHSA
GHSA-h7hf-xhjp-fvww: There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei pro2024-12-27
CVEList
CVE-2020-1819: There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei pro2024-12-27
CVE-2020-1819 — Out-of-bounds Read in Huawei IPS Module | cvebase