CVE-2020-1829

Summary

Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, and V500R001C60SPC500 have a vulnerability that the IPSec module handles a message improperly. Attackers can send specific message to cause double free memory. This may compromise normal service.

Affected Software

VendorProductVersion RangeStatus
HuaweiNIP6800V500R001C30affected
HuaweiNIP6800V500R001C60SPC500affected
HuaweiSecospace USG6600V500R001C30SPC200affected
HuaweiSecospace USG6600V500R001C30SPC600affected
HuaweiSecospace USG6600V500R001C60SPC500affected
HuaweiUSG9500V500R001C30SPC200affected
HuaweiUSG9500V500R001C30SPC600affected
HuaweiUSG9500V500R001C60SPC500affected

Weaknesses

  • Double Free Memory

ADP Enrichment

CVE Program Container

Additional References

References