cve-2020-1875
Vulnerability from cvelistv5
Published
2020-02-28 18:05
Modified
2024-08-04 06:53
Severity ?
Summary
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500.
References
psirt@huawei.comhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-enVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-enVendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:53:58.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NIP6800;Secospace USG6600;USG9500",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "V500R001C30,V500R001C60SPC500"
            },
            {
              "status": "affected",
              "version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Invalid Pointer Access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-28T18:05:21",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2020-1875",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NIP6800;Secospace USG6600;USG9500",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V500R001C30,V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500"
                          },
                          {
                            "version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Invalid Pointer Access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en",
              "refsource": "MISC",
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2020-1875",
    "datePublished": "2020-02-28T18:05:21",
    "dateReserved": "2019-11-29T00:00:00",
    "dateUpdated": "2024-08-04T06:53:58.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B3D681F-E141-4BB1-9437-8BFE286CB164\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"875441DD-575F-4F4D-A6BD-23C38641D330\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B80E521E-1BFB-405E-9F8E-4A0734731FD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5226BD96-2B00-469B-AADD-CD0541610BBD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE469876-F873-4705-9760-097AE840A818\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0BF5257-8CD1-4951-9C53-07B85D468F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A1EFB9D-5349-4EAF-9880-34F0D20011E4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B6064BB-5E62-4D70-B933-05B5426EEE9C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500.\"}, {\"lang\": \"es\", \"value\": \"Los productos NIP6800; Secospace USG6600; USG9500 versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no v\\u00e1lido. El sistema del software accede a un puntero no v\\u00e1lido cuando ocurre una condici\\u00f3n anormal en determinada operaci\\u00f3n. Una explotaci\\u00f3n con \\u00e9xito podr\\u00eda causar el reinicio de un determinado proceso. Los productos afectados incluyen: NIP6800 versiones V500R001C30, V500R001C60SPC500; Secospace USG6600 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500; USG9500 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500.\"}]",
      "id": "CVE-2020-1875",
      "lastModified": "2024-11-21T05:11:31.483",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-02-28T19:15:11.967",
      "references": "[{\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-824\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-1875\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2020-02-28T19:15:11.967\",\"lastModified\":\"2024-11-21T05:11:31.483\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500.\"},{\"lang\":\"es\",\"value\":\"Los productos NIP6800; Secospace USG6600; USG9500 versiones de V500R001C30; V500R001C60SPC500; V500R005C00SPC100, presentan una vulnerabilidad de acceso de puntero no v\u00e1lido. El sistema del software accede a un puntero no v\u00e1lido cuando ocurre una condici\u00f3n anormal en determinada operaci\u00f3n. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar el reinicio de un determinado proceso. Los productos afectados incluyen: NIP6800 versiones V500R001C30, V500R001C60SPC500; Secospace USG6600 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500; USG9500 versiones V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-824\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3D681F-E141-4BB1-9437-8BFE286CB164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"875441DD-575F-4F4D-A6BD-23C38641D330\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80E521E-1BFB-405E-9F8E-4A0734731FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5226BD96-2B00-469B-AADD-CD0541610BBD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE469876-F873-4705-9760-097AE840A818\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BF5257-8CD1-4951-9C53-07B85D468F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1EFB9D-5349-4EAF-9880-34F0D20011E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B6064BB-5E62-4D70-B933-05B5426EEE9C\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200219-01-wildpointer-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.