CVE-2020-9071
First published: Mon Jun 01 2020(Updated: )
There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei AR120 firmware | =v200r007c00spc900 | |
| Huawei AR120 firmware | =v200r007c00spca00 | |
| Huawei AR120 firmware | =v200r007c00spcb00 | |
| Huawei AR120 firmware | =v200r007c00spcc00 | |
| Huawei AR120 firmware | ||
| Huawei AR1200-S Firmware | =v200r007c00spc900 | |
| Huawei AR1200-S Firmware | =v200r007c00spc900pwe | |
| Huawei AR1200-S Firmware | =v200r007c00spca00 | |
| Huawei AR1200-S Firmware | =v200r007c00spcb00 | |
| Huawei AR1200-S Firmware | =v200r007c00spcb00pwe | |
| Huawei AR1200-S Firmware | =v200r007c00spcc00 | |
| Huawei AR1200-S | ||
| Huawei AR1200-S Firmware | =v200r007c00spc900 | |
| Huawei AR1200-S Firmware | =v200r007c00spcb00 | |
| Huawei AR1200-S Firmware | =v200r007c00spcc00 | |
| Huawei AR1200 | ||
| Huawei AR150-S Firmware | =v200r007c00spc900 | |
| Huawei AR150-S Firmware | =v200r007c00spc900pwe | |
| Huawei AR150-S Firmware | =v200r007c00spcb00 | |
| Huawei AR150-S Firmware | =v200r007c00spcb00pwe | |
| Huawei AR150-S Firmware | =v200r007c00spcc00 | |
| Huawei AR150 Firmware | ||
| Huawei AR150 Firmware | =v200r007c00spc900 | |
| Huawei AR150 Firmware | =v200r007c00spcb00 | |
| Huawei AR150 Firmware | =v200r007c00spcc00 | |
| Huawei AR150 Firmware | ||
| Huawei AR160 Firmware | =v200r007c00spc900 | |
| Huawei AR160 Firmware | =v200r007c00spc900pwe | |
| Huawei AR160 Firmware | =v200r007c00spcb00 | |
| Huawei AR160 Firmware | =v200r007c00spcb00pwe | |
| Huawei AR160 Firmware | =v200r007c00spcc00 | |
| Huawei Access Router | ||
| Huawei AR200-S Firmware | =v200r007c00spc900 | |
| Huawei AR200-S Firmware | =v200r007c00spc900pwe | |
| Huawei AR200-S Firmware | =v200r007c00spcb00 | |
| Huawei AR200-S Firmware | =v200r007c00spcb00pwe | |
| Huawei AR200-S Firmware | =v200r007c00spcc00 | |
| Huawei AR200 Firmware | ||
| Huawei AR200 Firmware | =v200r007c00spc900 | |
| Huawei AR200 Firmware | =v200r007c00spcb00 | |
| Huawei AR200 Firmware | =v200r007c00spcc00 | |
| Huawei AR200-S Firmware | ||
| Huawei AR2200 Series Firmware | =v200r007c00spc900 | |
| Huawei AR2200 Series Firmware | =v200r007c00spc900pwe | |
| Huawei AR2200 Series Firmware | =v200r007c00spca00 | |
| Huawei AR2200 Series Firmware | =v200r007c00spcb00 | |
| Huawei AR2200 Series Firmware | =v200r007c00spcb00pwe | |
| Huawei AR2200 Series Firmware | =v200r007c00spcc00 | |
| Huawei AR2200 Series Firmware | ||
| Huawei AR2200 Series Firmware | =v200r007c00spc900 | |
| Huawei AR2200 Series Firmware | =v200r007c00spcb00 | |
| Huawei AR2200 Series Firmware | =v200r007c00spcc00 | |
| Huawei AR2200 Series Firmware | ||
| Huawei AR3200 | =v200r007c00 | |
| Huawei AR3200 | =v200r007c00spc900 | |
| Huawei AR3200 | =v200r007c00spc900pwe | |
| Huawei AR3200 | =v200r007c00spca00 | |
| Huawei AR3200 | =v200r007c00spcb00 | |
| Huawei AR3200 | =v200r007c00spcb00pwe | |
| Huawei AR3200 | =v200r007c00spcc00 | |
| Huawei AR3200 firmware | ||
| Huawei AR3600 Firmware | =v200r007c00spc900 | |
| Huawei AR3600 Firmware | =v200r007c00spc900pwe | |
| Huawei AR3600 Firmware | =v200r007c00spcb00 | |
| Huawei AR3600 Firmware | =v200r007c00spcb00pwe | |
| Huawei AR3600 Firmware | =v200r007c00spcc00 | |
| Huawei AR3600 Firmware | ||
| Huawei AR510 Firmware | =v200r007c00spc900 | |
| Huawei AR510 Firmware | ||
| Huawei NetEngine 16EX firmware | =v200r007c00spc900 | |
| Huawei NetEngine 16EX firmware | =v200r007c00spcb00 | |
| Huawei NetEngine 16EX firmware | =v200r007c00spcc00 | |
| Huawei NetEngine 16EX | ||
| Huawei SRG1300 | =v200r007c00spc900 | |
| Huawei SRG1300 | =v200r007c00spcb00 | |
| Huawei SRG1300 | =v200r007c00spcc00 | |
| Huawei SRG1300 Firmware | ||
| Huawei SRG2300 | =v200r007c00spc900 | |
| Huawei SRG2300 | =v200r007c00spcb00 | |
| Huawei SRG2300 | =v200r007c00spcc00 | |
| Huawei SRG2300 | ||
| Huawei SRG3300 | =v200r007c00spc900 | |
| Huawei SRG3300 | =v200r007c00spcb00 | |
| Huawei SRG3300 | =v200r007c00spcc00 | |
| Huawei SRG3300 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-9071?
CVE-2020-9071 has been rated as a high severity vulnerability due to the potential for unauthorized access and data leakage.
How do I fix CVE-2020-9071?
To fix CVE-2020-9071, update your Huawei device to the latest firmware version that addresses this vulnerability.
What types of devices are affected by CVE-2020-9071?
CVE-2020-9071 affects several Huawei router models, including the AR1200, AR150, and ar200 series among others.
Can CVE-2020-9071 be exploited remotely?
Yes, an authenticated attacker can exploit CVE-2020-9071 remotely by sending specially crafted messages to the affected device.
What could happen if CVE-2020-9071 is exploited?
If exploited, CVE-2020-9071 could lead to an out-of-bounds read, potentially resulting in information disclosure.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei ar120 firmware
- version/huawei ar120 firmware/v200r007c00spc900
- version/huawei ar120 firmware/v200r007c00spca00
- version/huawei ar120 firmware/v200r007c00spcb00
- version/huawei ar120 firmware/v200r007c00spcc00
- canonical/huawei ar1200-s firmware
- version/huawei ar1200-s firmware/v200r007c00spc900
- version/huawei ar1200-s firmware/v200r007c00spc900pwe
- version/huawei ar1200-s firmware/v200r007c00spca00
- version/huawei ar1200-s firmware/v200r007c00spcb00
- version/huawei ar1200-s firmware/v200r007c00spcb00pwe
- version/huawei ar1200-s firmware/v200r007c00spcc00
- canonical/huawei ar1200-s
- canonical/huawei ar1200
- canonical/huawei ar150-s firmware
- version/huawei ar150-s firmware/v200r007c00spc900
- version/huawei ar150-s firmware/v200r007c00spc900pwe
- version/huawei ar150-s firmware/v200r007c00spcb00
- version/huawei ar150-s firmware/v200r007c00spcb00pwe
- version/huawei ar150-s firmware/v200r007c00spcc00
- canonical/huawei ar150 firmware
- version/huawei ar150 firmware/v200r007c00spc900
- version/huawei ar150 firmware/v200r007c00spcb00
- version/huawei ar150 firmware/v200r007c00spcc00
- canonical/huawei ar160 firmware
- version/huawei ar160 firmware/v200r007c00spc900
- version/huawei ar160 firmware/v200r007c00spc900pwe
- version/huawei ar160 firmware/v200r007c00spcb00
- version/huawei ar160 firmware/v200r007c00spcb00pwe
- version/huawei ar160 firmware/v200r007c00spcc00
- canonical/huawei access router
- canonical/huawei ar200-s firmware
- version/huawei ar200-s firmware/v200r007c00spc900
- version/huawei ar200-s firmware/v200r007c00spc900pwe
- version/huawei ar200-s firmware/v200r007c00spcb00
- version/huawei ar200-s firmware/v200r007c00spcb00pwe
- version/huawei ar200-s firmware/v200r007c00spcc00
- canonical/huawei ar200 firmware
- version/huawei ar200 firmware/v200r007c00spc900
- version/huawei ar200 firmware/v200r007c00spcb00
- version/huawei ar200 firmware/v200r007c00spcc00
- canonical/huawei ar2200 series firmware
- version/huawei ar2200 series firmware/v200r007c00spc900
- version/huawei ar2200 series firmware/v200r007c00spc900pwe
- version/huawei ar2200 series firmware/v200r007c00spca00
- version/huawei ar2200 series firmware/v200r007c00spcb00
- version/huawei ar2200 series firmware/v200r007c00spcb00pwe
- version/huawei ar2200 series firmware/v200r007c00spcc00
- canonical/huawei ar3200
- version/huawei ar3200/v200r007c00
- version/huawei ar3200/v200r007c00spc900
- version/huawei ar3200/v200r007c00spc900pwe
- version/huawei ar3200/v200r007c00spca00
- version/huawei ar3200/v200r007c00spcb00
- version/huawei ar3200/v200r007c00spcb00pwe
- version/huawei ar3200/v200r007c00spcc00
- canonical/huawei ar3200 firmware
- canonical/huawei ar3600 firmware
- version/huawei ar3600 firmware/v200r007c00spc900
- version/huawei ar3600 firmware/v200r007c00spc900pwe
- version/huawei ar3600 firmware/v200r007c00spcb00
- version/huawei ar3600 firmware/v200r007c00spcb00pwe
- version/huawei ar3600 firmware/v200r007c00spcc00
- canonical/huawei ar510 firmware
- version/huawei ar510 firmware/v200r007c00spc900
- canonical/huawei netengine 16ex firmware
- version/huawei netengine 16ex firmware/v200r007c00spc900
- version/huawei netengine 16ex firmware/v200r007c00spcb00
- version/huawei netengine 16ex firmware/v200r007c00spcc00
- canonical/huawei netengine 16ex
- canonical/huawei srg1300
- version/huawei srg1300/v200r007c00spc900
- version/huawei srg1300/v200r007c00spcb00
- version/huawei srg1300/v200r007c00spcc00
- canonical/huawei srg1300 firmware
- canonical/huawei srg2300
- version/huawei srg2300/v200r007c00spc900
- version/huawei srg2300/v200r007c00spcb00
- version/huawei srg2300/v200r007c00spcc00
- canonical/huawei srg3300
- version/huawei srg3300/v200r007c00spc900
- version/huawei srg3300/v200r007c00spcb00
- version/huawei srg3300/v200r007c00spcc00
- canonical/huawei srg3300 firmware