Security Advisory - Buffer Error Vulnerability in Some Huawei Products

There are a buffer error vulnerability in Electronic Numbers to URI Mapping (ENUM) module some Huawei products. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal. (Vulnerability ID: HWPSIRT-2017-10111)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17310.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en