Secospace Usg6300,secospace Usg6500,secospace Usg6600 Secospace Usg6300 V500r001c20spc100, V500r001c20spc101, V500r001c20spc200,secospace Usg6500 V500r001c20spc100, V500r001c20spc101, V500r001c20spc200,secospace Usg6600 V500r001c20spc100, V500r001c20spc101, V500r001c20spc200, Security Vulnerabilities

Huawei Data Communication: Weak Algorithm Vulnerability in Huawei VRP Platform (huawei-sa-20191204-01-vrp)

There is a weak algorithm vulnerability in some Huawei...

Huawei Data Communication: Memory Leak Vulnerability in Some Huawei AntiDDOS Products (huawei-sa-20171213-01-antidos)

There has a memory leak vulnerability in some Huawei AntiDDOS Products. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Multiple Vulnerabilities Released on Microsoft security advisory 4025685 (huawei-sa-20170909-01-windows)

Microsoft had released a Security Advisory 4025685 on June 14 to fix multiple critical security vulnerabilities in such systems as Microsoft Windows XP, Windows Server 2003, Windows VISTA, and Windows...

Huawei Data Communication: Five Vulnerabilities in Some Huawei Products (huawei-sa-20191211-01-ssp)

There is an out-of-bounds read vulnerability in some Huawei...

Huawei Data Communication: DoS Vulnerability in Some Huawei Products (huawei-sa-20171202-01-pse)

There is a DoS vulnerability caused by memory exhaustion in some Huawei...

Huawei Data Communication: RCE Vulnerability in Microsoft Windows Print Spooler Service (huawei-sa-20171222-01-windows)

Microsoft released a security bulletin MS10-061 to publicly disclose a remote code execution (RCE) vulnerability in the Print Spooler service. This VT has been deprecated and is therefore no longer...

Huawei Data Communication: Memory Leak Vulnerability in Several Huawei Products (huawei-sa-20171213-05-xml)

There is a memory leak vulnerability in several Huawei...

Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20171213-01-buffer)

There is a buffer overflow vulnerability in the Common Open Policy Service Protocol (COPS) module of some Huawei...

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal. (Vulnerability ID: HWPSIRT-2019-12421) This vulnerability...

Security Advisory - Multiple OOB Read Vulnerabilities in COPS implementation of Some Huawei Products

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these...

Huawei Products Memory Leak Vulnerability (huawei-sa-20171213-02-firewall)

Multiple Huawei firewalls are prone to a memory leak...

Huawei Data Communication: Weak Cryptography Vulnerability in Some Huawei Products (huawei-sa-20171222-01-cryptography)

Some Huawei products have a weak cryptography...

Huawei Data Communication: Resource Exhaustion Vulnerability on Several Products (huawei-sa-20171213-02-h323)

There is a resource exhaustion vulnerability on several...

Huawei Products Multiple Security Vulnerabilities in the IKEv2 Protocol Implementation (huawei-sa-20171206-01-ikev2)

Multiple Huawei products are prone to multiple vulnerabilities in the IKEv2 protocol...

Huawei Data Communication: Multiple Vulnerabilities in Some Huawei Products (huawei-sa-20171215-01-buffer)

There are two buffer overflow vulnerabilities in some Huawei...

Huawei Data Communication: Insufficient Input Validation Vulnerability in Some Huawei Products (huawei-sa-20171215-01-ike)

There is an insufficient input validation vulnerability in some Huawei...

Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Network Products (huawei-sa-20171129-01-command)

Patch module of some Huawei products have a memory leak...

Huawei Data Communication: Two Vulnerabilities in H323 protocol of Huawei Products (huawei-sa-20171129-01-h323)

There is an out-of-bounds read vulnerability in H323 protocol of Huawei...

Huawei Data Communication: DoS Vulnerability in Huawei Firewall Products (huawei-sa-20171025-01-firewall)

There is a DoS vulnerability in some Huawei firewall...

Huawei Data Communication: Multiple Vulnerabilities of PEM Module in Some Huawei Products (huawei-sa-20171206-01-pem)

There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient...

Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20180502-02-cops)

There is a buffer overflow vulnerability in the Common Open Policy Service Protocol (COPS) module of some Huawei...

Huawei Data Communication: Out-of-Bounds Memory Access Vulnerability on Some Huawei FireWall Products (huawei-sa-20171213-01-firewall)

There is an Out-of-Bounds memory access vulnerability in Huawei FireWall products due to insufficient...

Huawei Products Buffer Overflow Vulnerability (huawei-sa-20171206-01-buffer)

Multiple Huawei products are prone to a buffer overflow...

Huawei Products DoS Vulnerability (huawei-sa-20171201-01-pse)

Multiple Huawei products are prone to a denial of service...

Huawei Data Communication: Multiple Buffer Overflow Vulnerabilities in Some Huawei Products (huawei-sa-20171201-01-sip)

There are three buffer overflow vulnerabilities in the SIP backup feature of some Huawei...

Huawei Data Communication: Multiple OpenSSL Vulnerabilities in January 2017 (huawei-sa-20170503-01-openssl)

On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new...

Huawei Data Communication: Two Vulnerabilities in Some Huawei Products (huawei-sa-20171018-01-h323)

There is a DoS vulnerability in some Huawei...

Huawei Data Communication: Weak Algorithm Vulnerability in Huawei USG product (huawei-sa-20170802-01-usg)

There is a weak algorithm vulnerability in Huawei USG(USG6300/USG6600)...

Huawei Data Communication: DoS Vulnerability in Huawei Firewall (huawei-sa-20161214-01-firewall)

There is a denial of service (DoS) vulnerability in Huawei firewalls due to no memory release after the execution of a specific...

Huawei Data Communication: MaxAge LSA Vulnerability in OSPF Protocol of Some Huawei Products (huawei-sa-20170720-01-ospf)

Some Huawei products have a MaxAge LSA vulnerability due to improper OSPF...

Huawei Data Communication: Integer Overflow Vulnerability in Some Huawei Devices (huawei-sa-20161123-01-vrp)

Some Huawei devices have an integer overflow...

Security Advisory - Improper Authentication Vulnerability in Several Huawei Products

Some Huawei products have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. (Vulnerability ID: HWPSIRT-2020-03160) This vulnerability has been assigned a Common...

CVE-2020-1864

Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit.....

Security Advisory - Improper Authentication Vulnerability in Some Huawei Products

Some Huawei products have a security vulnerability due to improper authentication. A remote attacker needs to obtain some information and forge the peer device to send specific packets to the affected device. Due to the improper implementation of the authentication function, attackers can exploit.....

CVE-2020-1876

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...

CVE-2020-1877

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1877

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1881

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...

CVE-2020-1876

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...

CVE-2020-1881

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...

CVE-2020-1875

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...

CVE-2020-1860

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...

CVE-2020-1873

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...

CVE-2020-1874

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1874

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...

CVE-2020-1873

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...

CVE-2020-1860

NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...

CVE-2020-1875

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...

Improper access control

NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...

Out-of-bounds

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...