CVE-2019-5293
MEDIUMHuawei AR/NetEngine16EX Firmware Memory Leak via Message Handling
Title source: llmDescription
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-en
Scores
CVSS v3
6.5
EPSS
0.0037
EPSS Percentile
58.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (31)
huawei/ar120-s_firmware
v200r005c20
huawei/ar120-s_firmware
v200r006c10
huawei/ar1200-s_firmware
v200r005c20
huawei/ar1200-s_firmware
v200r006c10
huawei/ar1200_firmware
v200r005c20
huawei/ar1200_firmware
v200r006c10
huawei/ar150-s_firmware
v200r005c20
huawei/ar150-s_firmware
v200r006c10
huawei/ar150_firmware
v200r005c20
huawei/ar150_firmware
v200r006c10
... and 21 more
Published
Nov 13, 2019
Tracked Since
Feb 18, 2026