Description
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en
Scores
CVSS v3
5.9
EPSS
0.0026
EPSS Percentile
49.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (13)
huawei/dp300_firmware
v500r002c00
huawei/rp200_firmware
v500r002c00
huawei/rp200_firmware
v600r006c00
huawei/te30_firmware
v100r001c10
huawei/te30_firmware
v500r002c00
huawei/te30_firmware
v600r006c00
huawei/te40_firmware
v500r002c00
huawei/te40_firmware
v600r006c00
huawei/te50_firmware
v500r002c00
huawei/te50_firmware
v600r006c00
... and 3 more
Published
Mar 09, 2018
Tracked Since
Feb 18, 2026