Design/Logic Flaw

2017-12-2217:29:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.2%

JSON

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system.

CPENameOperatorVersion
rp200_firmwareeq500r2c0-v
rp200_firmwareeq600r6c0-v
te30_firmwareeq100r1c10-v
te30_firmwareeq500r2c0-v
te30_firmwareeq600r6c0-v
te40_firmwareeq500r2c0-v
te40_firmwareeq600r6c0-v
te50_firmwareeq500r2c0-v
te50_firmwareeq600r6c0-v
te60_firmwareeq100r1c10-v

Name	Operator	Version
rp200_firmware	eq	500r2c0-v
rp200_firmware	eq	600r6c0-v
te30_firmware	eq	100r1c10-v
te30_firmware	eq	500r2c0-v
te30_firmware	eq	600r6c0-v
te40_firmware	eq	500r2c0-v
te40_firmware	eq	600r6c0-v
te50_firmware	eq	500r2c0-v
te50_firmware	eq	600r6c0-v
te60_firmware	eq	100r1c10-v