Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20171213-01-ike) CVE-2017-17160
- CVSSv3 Score
- Vulnerability description
Some Huawei products have a buffer overflow vulnerability due to incomplete range checks of the input data.
- Risk description
An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bounds and restart. (Vulnerability ID: HWPSIRT-2017-02047) An attacker can exploit this vulnerability to make the device write out of bounds and restart.
See the referenced vendor advisory for a solution.
- Not available