CVE-2016-5435

MEDIUM

Huawei Firmware - Resource Management Error

Title source: rule

Description

Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet.

References (1)

[Vendor Advisory] http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160615-01-standby-en

Scores

CVSS v3 5.9

EPSS 0.0015

EPSS Percentile 34.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-399

Status draft

Affected Products (1)

huawei/huawei_firmware

Timeline

Published Jun 24, 2016

Tracked Since Feb 18, 2026