CVE-2017-15319

HIGH

Huawei RP200, TE30, TE40, TE50, TE60 - Out-of-bounds Read via SS7 Packet Processing

Title source: llm
STIX 2.1

Description

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0129
EPSS Percentile 66.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (24)
huawei/rp200_firmware v500r002c00
huawei/rp200_firmware v600r006c00
huawei/te30_firmware v100r001c10
huawei/te30_firmware v500r002c00
huawei/te30_firmware v600r006c00
huawei/te40_firmware v500r002c00
huawei/te40_firmware v600r006c00
huawei/te50_firmware v500r002c00
huawei/te50_firmware v600r006c00
huawei/te60_firmware v100r001c10
... and 14 more
Published Dec 22, 2017
Tracked Since Feb 18, 2026