CVE-2020-1877
First published: Fri Feb 28 2020(Updated: )
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Nip6800 Firmware | =v500r001c30 | |
| Huawei Nip6800 Firmware | =v500r001c60spc500 | |
| Huawei Nip6800 Firmware | =v500r005c00 | |
| Huawei NIP6800 | ||
| Huawei Secospace Usg6600 Firmware | =v500r001c30spc200 | |
| Huawei Secospace Usg6600 Firmware | =v500r001c30spc600 | |
| Huawei Secospace Usg6600 Firmware | =v500r001c60spc500 | |
| Huawei Secospace Usg6600 Firmware | =v500r005c00 | |
| Huawei Secospace USG6600 | ||
| Huawei Usg9500 Firmware | =v500r001c30spc200 | |
| Huawei Usg9500 Firmware | =v500r001c30spc600 | |
| Huawei Usg9500 Firmware | =v500r001c60spc500 | |
| Huawei Usg9500 Firmware | =v500r005c00 | |
| Huawei USG9500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-1877?
CVE-2020-1877 is a vulnerability that affects NIP6800, Secospace USG6600, and USG9500 devices with specific versions of V500R001C30, V500R001C60SPC500, and V500R005C00SPC100 firmware.
What is the severity of CVE-2020-1877?
The severity of CVE-2020-1877 is rated as medium, with a CVSS score of 4.4 out of 10.
How does CVE-2020-1877 affect Huawei devices?
CVE-2020-1877 affects Huawei NIP6800, Secospace USG6600, and USG9500 devices when running specific firmware versions.
How can CVE-2020-1877 be exploited?
CVE-2020-1877 can be exploited when an administrator logs in to the affected device and performs certain operations.
Is there a fix available for CVE-2020-1877?
Yes, Huawei has released a security advisory with detailed instructions on how to mitigate the vulnerability. Please refer to the following link for more information: [Huawei Security Advisory SA-20200219-05](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-05-invalidpointer-en)
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/tags
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei nip6800 firmware
- version/huawei nip6800 firmware/v500r001c30
- version/huawei nip6800 firmware/v500r001c60spc500
- version/huawei nip6800 firmware/v500r005c00
- canonical/huawei nip6800
- canonical/huawei secospace usg6600 firmware
- version/huawei secospace usg6600 firmware/v500r001c30spc200
- version/huawei secospace usg6600 firmware/v500r001c30spc600
- version/huawei secospace usg6600 firmware/v500r001c60spc500
- version/huawei secospace usg6600 firmware/v500r005c00
- canonical/huawei secospace usg6600
- canonical/huawei usg9500 firmware
- version/huawei usg9500 firmware/v500r001c30spc200
- version/huawei usg9500 firmware/v500r001c30spc600
- version/huawei usg9500 firmware/v500r001c60spc500
- version/huawei usg9500 firmware/v500r005c00
- canonical/huawei usg9500