Description
There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200401-01-overflow-en
Scores
CVSS v3
8.0
EPSS
0.0018
EPSS Percentile
38.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-120
Status
published
Products (15)
huawei/smartax_ea5800_firmware
v100r018c00
huawei/smartax_ea5800_firmware
v100r018c10
huawei/smartax_ea5800_firmware
v100r019c10
huawei/smartax_ma5600t_firmware
v800r013c10
huawei/smartax_ma5600t_firmware
v800r015c00
huawei/smartax_ma5600t_firmware
v800r015c10
huawei/smartax_ma5600t_firmware
v800r017c00
huawei/smartax_ma5600t_firmware
v800r017c10
huawei/smartax_ma5600t_firmware
v800r018c00
huawei/smartax_ma5600t_firmware
v800r018c10
... and 5 more
Published
Apr 02, 2020
Tracked Since
Feb 18, 2026