6.5

CVE-2020-9071

There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cause service abnormal in specific scenario.Affected product versions include:AR120-S versions V200R007C00SPC900,V200R007C00SPCa00

Data is provided by the National Vulnerability Database (NVD)
HuaweiAr120-s Firmware Versionv200r007c00spc900
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r007c00spca00
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r007c00spcb00
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r007c00spcc00
   HuaweiAr120-s Version-
HuaweiAr1200 Firmware Versionv200r007c00spc900
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00spc900pwe
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00spca00
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00spcb00
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00spcc00
   HuaweiAr1200 Version-
HuaweiAr1200-s Firmware Versionv200r007c00spc900
   HuaweiAr1200-s Version-
HuaweiAr1200-s Firmware Versionv200r007c00spcb00
   HuaweiAr1200-s Version-
HuaweiAr1200-s Firmware Versionv200r007c00spcc00
   HuaweiAr1200-s Version-
HuaweiAr150 Firmware Versionv200r007c00spc900
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c00spc900pwe
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c00spcb00
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c00spcc00
   HuaweiAr150 Version-
HuaweiAr150-s Firmware Versionv200r007c00spc900
   HuaweiAr150-s Version-
HuaweiAr150-s Firmware Versionv200r007c00spcb00
   HuaweiAr150-s Version-
HuaweiAr150-s Firmware Versionv200r007c00spcc00
   HuaweiAr150-s Version-
HuaweiAr160 Firmware Versionv200r007c00spc900
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c00spc900pwe
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c00spcb00
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c00spcc00
   HuaweiAr160 Version-
HuaweiAr200 Firmware Versionv200r007c00spc900
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c00spc900pwe
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c00spcb00
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c00spcc00
   HuaweiAr200 Version-
HuaweiAr200-s Firmware Versionv200r007c00spc900
   HuaweiAr200-s Version-
HuaweiAr200-s Firmware Versionv200r007c00spcb00
   HuaweiAr200-s Version-
HuaweiAr200-s Firmware Versionv200r007c00spcc00
   HuaweiAr200-s Version-
HuaweiAr2200 Firmware Versionv200r007c00spc900
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00spc900pwe
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00spca00
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00spcb00
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00spcc00
   HuaweiAr2200 Version-
HuaweiAr2200-s Firmware Versionv200r007c00spc900
   HuaweiAr2200-s Version-
HuaweiAr2200-s Firmware Versionv200r007c00spcb00
   HuaweiAr2200-s Version-
HuaweiAr2200-s Firmware Versionv200r007c00spcc00
   HuaweiAr2200-s Version-
HuaweiAr3200 Firmware Versionv200r007c00
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spc900
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spc900pwe
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spca00
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spcb00
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00spcc00
   HuaweiAr3200 Version-
HuaweiAr3600 Firmware Versionv200r007c00spc900
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c00spc900pwe
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c00spcb00
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c00spcb00pwe
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c00spcc00
   HuaweiAr3600 Version-
HuaweiAr510 Firmware Versionv200r007c00spc900
   HuaweiAr510 Version-
HuaweiNetengine16ex Firmware Versionv200r007c00spc900
   HuaweiNetengine16ex Version-
HuaweiNetengine16ex Firmware Versionv200r007c00spcb00
   HuaweiNetengine16ex Version-
HuaweiNetengine16ex Firmware Versionv200r007c00spcc00
   HuaweiNetengine16ex Version-
HuaweiSrg1300 Firmware Versionv200r007c00spc900
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r007c00spcb00
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r007c00spcc00
   HuaweiSrg1300 Version-
HuaweiSrg2300 Firmware Versionv200r007c00spc900
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r007c00spcb00
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r007c00spcc00
   HuaweiSrg2300 Version-
HuaweiSrg3300 Firmware Versionv200r007c00spc900
   HuaweiSrg3300 Version-
HuaweiSrg3300 Firmware Versionv200r007c00spcb00
   HuaweiSrg3300 Version-
HuaweiSrg3300 Firmware Versionv200r007c00spcc00
   HuaweiSrg3300 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.17% 0.343
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.