CVE-2020-9213

There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500.

Published: Mar 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2020-9213
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
huawei / ngfw_module_firmware	500r005c00	500r005c00.x
huawei / nip6300_firmware	500r001c30	500r001c30.x
huawei / nip6300_firmware	500r001c60	500r001c60.x
huawei / nip6300_firmware	500r005c00	500r005c00.x
huawei / nip6600_firmware	500r001c30	500r001c30.x
huawei / nip6600_firmware	500r001c60	500r001c60.x
huawei / nip6600_firmware	500r005c00	500r005c00.x
huawei / nip6800_firmware	500r001c60	500r001c60.x
huawei / nip6800_firmware	500r005c00	500r005c00.x
huawei / secospace_usg6300_firmware	500r001c30	500r001c30.x
huawei / secospace_usg6300_firmware	500r001c60	500r001c60.x
huawei / secospace_usg6300_firmware	500r005c00	500r005c00.x
huawei / secospace_usg6500_firmware	500r001c30	500r001c30.x
huawei / secospace_usg6500_firmware	500r001c60	500r001c60.x
huawei / secospace_usg6500_firmware	500r005c00	500r005c00.x
huawei / secospace_usg6600_firmware	500r001c30	500r001c30.x
huawei / secospace_usg6600_firmware	500r001c60	500r001c60.x
huawei / secospace_usg6600_firmware	500r005c00	500r005c00.x
huawei / usg9500_firmware	500r001c30	500r001c30.x
huawei / usg9500_firmware	500r001c60	500r001c60.x
huawei / usg9500_firmware	500r005c00	500r005c00.x

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-02-dos-en

Vulnerability Database

289,599

CVE-2020-9213