Vulnerability CVE-2019-5300


Published: 2019-06-04

Description:
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.

Type:

CWE-347

(Improper Verification of Cryptographic Signature)

Vendor: Huawei
Product: Ar3200 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar2200s firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar2200 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar200 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar160 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Srg3300 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r007c00
Product: Ar150 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar1200 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Ar1200-s firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r008c20
v200r007c00
Product: Srg1300 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r007c00
Product: Srg2300 firmware 
Version:
v200r010c00
v200r009c00
v200r008c50
v200r007c00

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en

Related CVE
CVE-2019-5263
HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtaine...
CVE-2019-5289
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication c...
CVE-2019-5280
The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attack...
CVE-2019-5223
PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution.
CVE-2019-5236
Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to c...
CVE-2019-5222
There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user ...
CVE-2019-5245
HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execu...
CVE-2019-5243
There is a Clickjacking vulnerability in Huawei HG255s product. An attacker may trick user to click a link and affect the integrity of a device by exploiting this vulnerability.

Copyright 2019, cxsecurity.com

 

Back to Top