CVE-2020-9085 – A NULL pointer dereference vulnerability in cer... (How to Fix)

Q: What is the severity of CVE-2020-9085?

CVE-2020-9085 has a CVSS score of 5.3 (MEDIUM). A NULL pointer dereference vulnerability in certain Huawei products allows attackers to cause denial of service by sending specially crafted POST messages. This affects specific Huawei products with insufficient parameter validation, potentially causing abnormal process termination. Organizations using affected Huawei products are vulnerable.

📋 TL;DR

A NULL pointer dereference vulnerability in certain Huawei products allows attackers to cause denial of service by sending specially crafted POST messages. This affects specific Huawei products with insufficient parameter validation, potentially causing abnormal process termination. Organizations using affected Huawei products are vulnerable.

💻 Affected Systems

Products:

Various Huawei products (specific models not detailed in CVE description)

Versions: Not specified in CVE description

Operating Systems: Not specified - likely embedded systems running Huawei firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability affects multiple Huawei products but specific models and versions are detailed in the Huawei advisory linked in references

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete denial of service affecting critical system processes, potentially disrupting device functionality

🟠

Likely Case

Service disruption or process crashes affecting specific functionality of the vulnerable product

🟢

If Mitigated

Minimal impact with proper network segmentation and input validation controls

🌐 Internet-Facing: MEDIUM - Requires sending POST messages to vulnerable interface, but many affected products may be internet-facing

🏢 Internal Only: MEDIUM - Internal attackers could exploit if they have network access to vulnerable interfaces

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting specific POST messages but doesn't require authentication. No public exploit code is mentioned.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Huawei security advisory for specific fixed versions

Vendor Advisory: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-pointer_en

Restart Required: Yes

Instructions:

1. Check Huawei advisory for affected products. 2. Apply vendor-provided patches. 3. Restart affected devices. 4. Verify patch installation.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to vulnerable interfaces using firewalls or network ACLs

Input Validation

all

Implement additional input validation at network perimeter if possible

🧯 If You Can't Patch

Implement strict network segmentation to isolate affected devices
Monitor for abnormal POST requests to vulnerable interfaces

🔍 How to Verify

Check if Vulnerable:

Check Huawei advisory for specific affected products and versions, then compare with your inventory

Check Version:

Vendor-specific commands vary by product - consult Huawei documentation

Verify Fix Applied:

Verify patch installation through vendor update mechanisms and check version numbers

📡 Detection & Monitoring

Log Indicators:

Abnormal process termination logs
Failed POST request attempts with malformed parameters

Network Indicators:

Unusual POST requests to Huawei device management interfaces
Traffic patterns indicating denial of service attempts

SIEM Query:

source="huawei_device" AND (event_type="process_crash" OR http_method="POST" AND status_code="400")

📊 Metadata

CVE ID: CVE-2020-9085

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE: CWE-476

Published: December 27, 2024

Last Updated: January 13, 2025

🔗 References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-01-pointer_en Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-9085, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

B612 Firmware by Huawei

B612 Firmware by Huawei

B612 Firmware by Huawei

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Input Validation

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities