CVE-2020-9124

HIGH

Huawei Cloudengine 12800 Firmware - Memory Leak

Title source: rule

Description

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.

References (1)

[Vendor Advisory] https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201223-01-cloudengine-en

Scores

CVSS v3 7.5

EPSS 0.0031

EPSS Percentile 54.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (16)

huawei/cloudengine_12800_firmware

huawei/cloudengine_5800_firmware

huawei/cloudengine_6800_firmware

huawei/cloudengine_7800_firmware

... and 1 more

Timeline

Published Dec 29, 2020

Tracked Since Feb 18, 2026