HomePentest-Tools.com Logo

Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20171213-01-ike) CVE-2017-17160

Severity
CVSSv3 Score
5.9
Vulnerability description

Some Huawei products have a buffer overflow vulnerability due to incomplete range checks of the input data.

Risk description

An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bounds and restart. (Vulnerability ID: HWPSIRT-2017-02047) An attacker can exploit this vulnerability to make the device write out of bounds and restart.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 15, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available