There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289)
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Huawei | IPS Module | unaffected |
|
||||||||||||
| Huawei | NGFW Module | unaffected |
|
||||||||||||
| Huawei | NIP6300 | unaffected |
|
||||||||||||
| Huawei | NIP6600 | unaffected |
|
||||||||||||
| Huawei | NIP6800 | unaffected |
|
||||||||||||
| Huawei | Secospace USG6300 | unaffected |
|
||||||||||||
| Huawei | Secospace USG6500 | unaffected |
|
||||||||||||
| Huawei | Secospace USG6600 | unaffected |
|
||||||||||||
| Huawei | USG6000V | unaffected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
No data.
No data.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Huawei
Subscribe
|
Ips Module
Subscribe
Ips Module Firmware
Subscribe
Ngfw Module
Subscribe
Ngfw Module Firmware
Subscribe
Nip6300
Subscribe
Nip6300 Firmware
Subscribe
Nip6600
Subscribe
Nip6600 Firmware
Subscribe
Nip6800
Subscribe
Nip6800 Firmware
Subscribe
Secospace Usg6300
Subscribe
Secospace Usg6300 Firmware
Subscribe
Secospace Usg6500
Subscribe
Secospace Usg6500 Firmware
Subscribe
Secospace Usg6600
Subscribe
Secospace Usg6600 Firmware
Subscribe
Usg6000v
Subscribe
Usg6000v Firmware
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-12650 | There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 14 Jan 2025 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Huawei
Huawei ips Module Huawei ips Module Firmware Huawei ngfw Module Huawei ngfw Module Firmware Huawei nip6300 Huawei nip6300 Firmware Huawei nip6600 Huawei nip6600 Firmware Huawei nip6800 Huawei nip6800 Firmware Huawei secospace Usg6300 Huawei secospace Usg6300 Firmware Huawei secospace Usg6500 Huawei secospace Usg6500 Firmware Huawei secospace Usg6600 Huawei secospace Usg6600 Firmware Huawei usg6000v Huawei usg6000v Firmware |
|
| CPEs | cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:usg6000v:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:ips_module_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c20:*:*:*:*:*:*:* cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6300_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6600_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:* cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:* cpe:2.3:o:huawei:usg6000v_firmware:v500r003c00:*:*:*:*:*:*:* |
|
| Vendors & Products |
Huawei
Huawei ips Module Huawei ips Module Firmware Huawei ngfw Module Huawei ngfw Module Firmware Huawei nip6300 Huawei nip6300 Firmware Huawei nip6600 Huawei nip6600 Firmware Huawei nip6800 Huawei nip6800 Firmware Huawei secospace Usg6300 Huawei secospace Usg6300 Firmware Huawei secospace Usg6500 Huawei secospace Usg6500 Firmware Huawei secospace Usg6600 Huawei secospace Usg6600 Firmware Huawei usg6000v Huawei usg6000v Firmware |
Sat, 28 Dec 2024 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sat, 28 Dec 2024 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. | |
| Weaknesses | CWE-125 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: huawei
Published:
Updated: 2024-12-28T16:32:25.200Z
Reserved: 2019-11-29T00:00:00.000Z
Link: CVE-2020-1824
Vulnrichment
Updated: 2024-12-28T16:32:17.878Z
NVD
Status : Analyzed
Published: 2024-12-28T07:15:18.530
Modified: 2025-01-13T18:39:27.433
Link: CVE-2020-1824
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses