Huawei Data Communication: Two Vulnerabilities in Some Huawei Products (huawei-sa-20171018-01-h323)
There is a DoS vulnerability in some Huawei...
6.5CVSS
6.5AI Score
0.001EPSS
Huawei Data Communication: DoS Vulnerability in Huawei Firewall (huawei-sa-20161214-01-firewall)
There is a denial of service (DoS) vulnerability in Huawei firewalls due to no memory release after the execution of a specific...
6.5CVSS
6.5AI Score
0.001EPSS
Some Huawei products have a MaxAge LSA vulnerability due to improper OSPF...
7.5CVSS
7.6AI Score
0.001EPSS
Some Huawei devices have an integer overflow...
5.9CVSS
6AI Score
0.002EPSS
Security Advisory - Improper Authentication Vulnerability in Several Huawei Products
Some Huawei products have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. (Vulnerability ID: HWPSIRT-2020-03160) This vulnerability has been assigned a Common...
9.8CVSS
8.8AI Score
0.003EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...
7.5CVSS
7.6AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...
4.4CVSS
4.7AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...
4.4CVSS
4.6AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...
7.5CVSS
7.4AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...
7.5CVSS
7.6AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...
7.5CVSS
7.4AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...
5.5CVSS
5.5AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...
7.5CVSS
7.5AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...
7.5CVSS
7.4AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...
5.5CVSS
5.4AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...
5.5CVSS
5.4AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...
7.5CVSS
7.5AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...
7.5CVSS
7.6AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...
5.5CVSS
5.5AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...
5.5CVSS
5.4AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...
7.5CVSS
7.6AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...
7.5CVSS
7.4AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...
5.5CVSS
5.4AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...
7.5CVSS
7.4AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...
4.4CVSS
4.7AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...
7.5CVSS
7.5AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...
4.7AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient...
7.7AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of...
7.5AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the...
7.6AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause...
5.4AI Score
0.0004EPSS
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient...
7.5AI Score
0.001EPSS
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain...
5.5AI Score
0.0004EPSS
Security Advisory - Access Control Bypass Vulnerability in Some Huawei Products
There is an access control bypass vulnerability in some Huawei products. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet....
7.5CVSS
7.1AI Score
0.001EPSS
Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products
There is an invalid pointer access vulnerability in some products. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. (Vulnerability ID: HWPSIRT-2019-12411) This vulnerability has been...
5.5CVSS
5.4AI Score
0.0004EPSS
Security Advisory - Out-of-bounds Write Vulnerability in Some Huawei Products
There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. (Vulnerability....
7.5CVSS
7.2AI Score
0.001EPSS
Security Advisory - Out-of-bounds Read Vulnerability in Some Huawei Products
There is an out-of-bounds read vulnerability in some huawei products. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot....
7.5CVSS
7.1AI Score
0.001EPSS
Security Advisory - Resource Management Error Vulnerability on Some Huawei Products
Some Huawei products have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.....
7.5CVSS
7.1AI Score
0.001EPSS
Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products
There is an invalid pointer access vulnerability in some products. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. (Vulnerability ID: HWPSIRT-2019-12412) This vulnerability...
4.4CVSS
4.6AI Score
0.0004EPSS
Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products
There is a invalid pointer access vulnerability in some products. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. (Vulnerability ID: HWPSIRT-2019-12413) This vulnerability has...
5.5CVSS
5.4AI Score
0.0004EPSS
Security Advisory - Denial of Service Vulnerability in Some Huawei Products
There is a denial of service vulnerability in some Huawei products. In some abnormal cases, the software doesn't correctly process data. An attacker can exploit this vulnerability to cause new connections can't be established. (Vulnerability ID: HWPSIRT-2019-12400) This vulnerability has been...
7.5CVSS
6.9AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in...
5.3CVSS
5.1AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in...
5.3CVSS
5.1AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in...
5.3CVSS
5.1AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Dangling pointer dereference vulnerability. An authenticated attacker may do some special operations in...
5.2AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote...
7.5CVSS
7.5AI Score
0.002EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while...
7.5CVSS
7.4AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a memory leak vulnerability. The software does not sufficiently track and release allocated memory while...
7.5CVSS
7.4AI Score
0.001EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote...
7.5CVSS
7.5AI Score
0.002EPSS
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This...
5.3CVSS
5.2AI Score
0.001EPSS