First published: Mon Mar 22 2021(Updated: )
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Ngfw Module Firmware | =v500r005c00 | |
Huawei NGFW Module | ||
Huawei Nip6300 Firmware | =v500r001c30 | |
Huawei Nip6300 Firmware | =v500r001c60 | |
Huawei Nip6300 Firmware | =v500r005c00 | |
Huawei NIP6300 | ||
Huawei Nip6600 Firmware | =v500r001c30 | |
Huawei Nip6600 Firmware | =v500r001c60 | |
Huawei Nip6600 Firmware | =v500r005c00 | |
Huawei Nip6600 | ||
Huawei Nip6800 Firmware | =v500r001c60 | |
Huawei Nip6800 Firmware | =v500r005c00 | |
Huawei NIP6800 | ||
Huawei Secospace Usg6300 Firmware | =v500r001c30 | |
Huawei Secospace Usg6300 Firmware | =v500r001c60 | |
Huawei Secospace Usg6300 Firmware | =v500r005c00 | |
Huawei Secospace USG6300 | ||
Huawei Secospace Usg6500 Firmware | =v500r001c30 | |
Huawei Secospace Usg6500 Firmware | =v500r001c60 | |
Huawei Secospace Usg6500 Firmware | =v500r005c00 | |
Huawei Secospace Usg6500 | ||
Huawei Secospace Usg6600 Firmware | =v500r001c30 | |
Huawei Secospace Usg6600 Firmware | =v500r001c60 | |
Huawei Secospace Usg6600 Firmware | =v500r005c00 | |
Huawei Secospace USG6600 | ||
Huawei Usg9500 Firmware | =v500r001c30 | |
Huawei Usg9500 Firmware | =v500r001c60 | |
Huawei Usg9500 Firmware | =v500r005c00 | |
Huawei USG9500 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-9213 is a denial of service vulnerability in some Huawei products.
Some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600, and USG9500 are affected.
The severity of CVE-2020-9213 is high, with a CVSS score of 7.5.
An attacker can craft specific packets that trigger the vulnerability, causing some services to become abnormal.
To mitigate the vulnerability, users should apply the latest firmware updates provided by Huawei.