CVE-2017-15320
HIGHHuawei RP200, TE30, TE40, TE50, TE60 - Out-of-bounds Read via SS7 Packet Processing
Title source: llmDescription
RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171101-01-sccpx-en
Scores
CVSS v3
7.5
EPSS
0.0129
EPSS Percentile
66.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (24)
huawei/rp200_firmware
v500r002c00
huawei/rp200_firmware
v600r006c00
huawei/te30_firmware
v100r001c10
huawei/te30_firmware
v500r002c00
huawei/te30_firmware
v600r006c00
huawei/te40_firmware
v500r002c00
huawei/te40_firmware
v600r006c00
huawei/te50_firmware
v500r002c00
huawei/te50_firmware
v600r006c00
huawei/te60_firmware
v100r001c10
... and 14 more
Published
Dec 22, 2017
Tracked Since
Feb 18, 2026