Buffer overflow

2020-07-0817:15:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.8%

JSON

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

CPENameOperatorVersion
ar120-s_firmwareeq200r6c10-v
ar120-s_firmwareeq200r7c0-v
ar120-s_firmwareeq200r8c20-v
ar120-s_firmwareeq200r8c30-v
ar1200-s_firmwareeq200r6c10-v
ar1200-s_firmwareeq200r7c0-v
ar1200-s_firmwareeq200r8c20-v
ar1200-s_firmwareeq200r8c30-v
ar1200_firmwareeq200r6c10-v
ar1200_firmwareeq200r6c13-v

Name	Operator	Version
ar120-s_firmware	eq	200r6c10-v
ar120-s_firmware	eq	200r7c0-v
ar120-s_firmware	eq	200r8c20-v
ar120-s_firmware	eq	200r8c30-v
ar1200-s_firmware	eq	200r6c10-v
ar1200-s_firmware	eq	200r7c0-v
ar1200-s_firmware	eq	200r8c20-v
ar1200-s_firmware	eq	200r8c30-v
ar1200_firmware	eq	200r6c10-v
ar1200_firmware	eq	200r6c13-v