Vulnerability CVE-2017-17143


Published: 2018-03-05

Description:
SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC300T; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00T; TE30 V100R001C10; V100R001C10SPC100; V100R001C10SPC200B010; V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V100R001C10SPC800; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE60 V100R001C01SPC100; V100R001C01SPC107TB010; V100R001C10; V100R001C10SPC300; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800; V100R001C10SPC900; V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300; TP3106 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C00SPC800; TP3206 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C10; ViewPoint 9030 V100R011C02SPC100; V100R011C03B012SP15; V100R011C03B012SP16; V100R011C03B015SP03; V100R011C03LGWL01SPC100; V100R011C03SPC100; V100R011C03SPC200; V100R011C03SPC300; V100R011C03SPC400; V100R011C03SPC500; eSpace U1960 V200R003C30SPC200; eSpace U1981 V100R001C20SPC700; V200R003C20SPCa00 has an overflow vulnerability that the module cannot parse a malformed SIP message when validating variables. Attacker can exploit it to make one process reboot at random.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Huawei
Product: Te60 firmware 
Version:
v600r006c00spc300
v600r006c00spc200
v600r006c00spc100
v600r006c00
v500r002c00spcd00
v500r002c00spcb00
v500r002c00spca00
v500r002c00spc900
v500r002c00spc800
v500r002c00spc700
v500r002c00spc600
v500r002c00spc300
v500r002c00spc200
v500r002c00spc100
v500r002c00
v100r001c10spc900
v100r001c10spc800
v100r001c10spc700
v100r001c10spc600
v100r001c10spc500
v100r001c10spc400
v100r001c10spc300
v100r001c10
v100r001c01spc107tb010
v100r001c01spc100
Product: Te50 firmware 
Version:
v600r006c00spc200
v600r006c00
v500r002c00spcb00
v500r002c00spc700
v500r002c00spc600
Product: Te40 firmware 
Version:
v600r006c00spc200
v600r006c00
v500r002c00spcb00
v500r002c00spc900
v500r002c00spc700
v500r002c00spc600
Product: Rp200 firmware 
Version:
v600r006c00spc200
v600r006c00
v500r002c00spc200
Product: Te30 firmware 
Version:
v600r006c00
v500r002c00spcb00
v500r002c00spc900
v500r002c00spc700
v500r002c00spc600
v500r002c00spc500
v500r002c00spc200
v100r001c10spc800
v100r001c10spc700b010
v100r001c10spc600
v100r001c10spc500
v100r001c10spc300
v100r001c10spc200b010
v100r001c10spc100
v100r001c10
Product: Rse6500 firmware 
Version:
v500r002c00t
v500r002c00spc700
v500r002c00spc600
v500r002c00spc500
v500r002c00spc300t
v500r002c00spc300
v500r002c00spc200
v500r002c00spc100
Product: Dp300 firmware 
Version:
v500r002c00spca00
v500r002c00spc900
v500r002c00spc800
v500r002c00spc600
v500r002c00spc500
v500r002c00spc400
v500r002c00spc300
v500r002c00spc200
v500r002c00spc100
v500r002c00
Product: Espace u1960 firmware 
Version: v200r003c30spc200;
Product: Espace u1981 firmware 
Version: v200r003c20spca00; v100r001c20spc700;
Product: Viewpoint 9030 firmware 
Version:
v100r011c03spc500
v100r011c03spc400
v100r011c03spc300
v100r011c03spc200
v100r011c03spc100
v100r011c03lgwl01spc100
v100r011c03b015sp03
v100r011c03b012sp16
v100r011c03b012sp15
v100r011c02spc100
Product: Tp3206 firmware 
Version:
v100r002c10
v100r002c00spc700
v100r002c00spc600
v100r002c00spc400
v100r002c00spc200
v100r002c00
Product: Tp3106 firmware 
Version:
v100r002c00spc800
v100r002c00spc700
v100r002c00spc600
v100r002c00spc400
v100r002c00spc200
v100r002c00

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sip-en

Related CVE
CVE-2018-7900
There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
CVE-2018-7956
Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.
CVE-2018-7977
There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain add...
CVE-2018-7961
There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful ex...
CVE-2018-7960
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with...
CVE-2018-7959
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may ca...
CVE-2018-7958
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to ins...
CVE-2018-7926
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass perm...

Copyright 2019, cxsecurity.com

 

Back to Top