Description
There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-buffer-en
Scores
CVSS v3
7.5
EPSS
0.0062
EPSS Percentile
70.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (46)
huawei/ar120-s_firmware
v200r005c20
huawei/ar120-s_firmware
v200r006c10
huawei/ar120-s_firmware
v200r007c00
huawei/ar1200-s_firmware
v200r005c20
huawei/ar1200-s_firmware
v200r006c10
huawei/ar1200-s_firmware
v200r007c00
huawei/ar1200_firmware
v200r005c20
huawei/ar1200_firmware
v200r006c10
huawei/ar1200_firmware
v200r007c00
huawei/ar150-s_firmware
v200r005c20
... and 36 more
Published
Nov 13, 2019
Tracked Since
Feb 18, 2026