Out-of-bounds

2019-12-1323:15:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.6%

JSON

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

CPENameOperatorVersion
ap2000_firmwareeq200r5c30-v
ap2000_firmwareeq200r6c10-v
ap2000_firmwareeq200r6c20-v
ap2000_firmwareeq200r7c10-v
ap2000_firmwareeq200r7c20-v
ap2000_firmwareeq200r8c0-v
ap2000_firmwareeq200r8c10-v
ap2000_firmwareeq200r9c0-v
espace_u1981_firmwareeq200r3c50spc700-v
ips_firmwareeq500r1c0spc300-v

Name	Operator	Version
ap2000_firmware	eq	200r5c30-v
ap2000_firmware	eq	200r6c10-v
ap2000_firmware	eq	200r6c20-v
ap2000_firmware	eq	200r7c10-v
ap2000_firmware	eq	200r7c20-v
ap2000_firmware	eq	200r8c0-v
ap2000_firmware	eq	200r8c10-v
ap2000_firmware	eq	200r9c0-v
espace_u1981_firmware	eq	200r3c50spc700-v
ips_firmware	eq	500r1c0spc300-v