CVE-2020-1860
HIGHNIP6800;Secospace USG6600;USG9500 <V500R001C30; V500R001C60SPC500; ...
Title source: llmDescription
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-02-firewall-en
Scores
CVSS v3
7.5
EPSS
0.0011
EPSS Percentile
28.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (9)
huawei/nip6800_firmware
v500r001c30
huawei/nip6800_firmware
v500r001c60
huawei/nip6800_firmware
v500r005c00
huawei/secospace_usg6600_firmware
v500r001c30
huawei/secospace_usg6600_firmware
v500r001c60
huawei/secospace_usg6600_firmware
v500r005c00
huawei/usg9500_firmware
v500r001c30
huawei/usg9500_firmware
v500r001c60
huawei/usg9500_firmware
v500r005c00
Published
Feb 28, 2020
Tracked Since
Feb 18, 2026