Description
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-04-eudemon-en
Scores
CVSS v3
6.5
EPSS
0.0005
EPSS Percentile
14.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (11)
huawei/nip6800_firmware
v500r001c30
huawei/nip6800_firmware
v500r001c60spc500
huawei/nip6800_firmware
v500r005c00
huawei/secospace_usg6600_firmware
v500r001c30spc200
huawei/secospace_usg6600_firmware
v500r001c30spc600
huawei/secospace_usg6600_firmware
v500r001c60spc500
huawei/secospace_usg6600_firmware
v500r005c00
huawei/usg9500_firmware
v500r001c30spc200
huawei/usg9500_firmware
v500r001c30spc600
huawei/usg9500_firmware
v500r001c60spc500
... and 1 more
Published
Dec 24, 2020
Tracked Since
Feb 18, 2026