Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-8773

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-02 Apr, 2017 | 20:00
Updated At-06 Aug, 2024 | 02:35
Rejected At-
Credits

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:02 Apr, 2017 | 20:00
Updated At:06 Aug, 2024 | 02:35
Rejected At:
▼CVE Numbering Authority (CNA)

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.

Affected Products
Vendor
n/a
Product
S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00
Versions
Affected
  • S5300,S5700,S6300,S6700,S7700,9300,9700,S12700 S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00,S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00,S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00,S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00,S7700 with software V200R007C00, V200R008C00, V200R009C00,S9300 with software V200R007C00, V200R008C00, V200R009C00,S9700 with software V200R007C00, V200R008C00, V200R009C00 and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00
Problem Types
TypeCWE IDDescription
textN/Ainput validation
Type: text
CWE ID: N/A
Description: input validation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94285
vdb-entry
x_refsource_BID
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/94285
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/94285
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/94285
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:02 Apr, 2017 | 20:59
Updated At:20 Apr, 2025 | 01:37

Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>s12700_firmware>>v200r007c00
cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s12700_firmware>>v200r007c01
cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s12700_firmware>>v200r008c00
cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s12700_firmware>>v200r009c00
cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s12700>>-
cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5300_firmware>>v200r003c00
cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5300_firmware>>v200r007c00
cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5300_firmware>>v200r008c00
cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5300_firmware>>v200r009c00
cpe:2.3:o:huawei:s5300_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5300>>-
cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r001c00
cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r002c00
cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r003c00
cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r005c00
cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r005c03
cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r007c00
cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r008c00
cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r009c00
cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700>>-
cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6300_firmware>>v200r003c00
cpe:2.3:o:huawei:s6300_firmware:v200r003c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6300_firmware>>v200r005c00
cpe:2.3:o:huawei:s6300_firmware:v200r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6300_firmware>>v200r008c00
cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6300_firmware>>v200r009c00
cpe:2.3:o:huawei:s6300_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6300>>-
cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r001c00
cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r001c01
cpe:2.3:o:huawei:s6700_firmware:v200r001c01:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r002c00
cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r003c00
cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r005c00
cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r007c00
cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r008c00
cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r009c00
cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700>>-
cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s7700_firmware>>v200r007c00
cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s7700_firmware>>v200r008c00
cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s7700_firmware>>v200r009c00
cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s7700>>-
cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9300_firmware>>v200r007c00
cpe:2.3:o:huawei:s9300_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9300_firmware>>v200r008c00
cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9300_firmware>>v200r009c00
cpe:2.3:o:huawei:s9300_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9300>>-
cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9700_firmware>>v200r007c00
cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9700_firmware>>v200r008c00
cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9700_firmware>>v200r009c00
cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s9700>>-
cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-enpsirt@huawei.com
Vendor Advisory
http://www.securityfocus.com/bid/94285psirt@huawei.com
Third Party Advisory
VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-enaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/94285af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Source: psirt@huawei.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/94285
Source: psirt@huawei.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161111-01-mpls-en
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/94285
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

1594Records found
CVE-2021-37047
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.39%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 15:45
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause some services to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37081
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to nearby crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37013
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.25% / 47.73%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:27
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the availability of users is affected.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7845
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.22% / 44.50%
||
7 Day CHG~0.00%
Published-19 Nov, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-espace_firmwareespace_unified_gateway_u1980espace_unified_gateway_u1960espace_unified_gateway_u1930espace_unified_gateway_u1910espace_unified_gateway_u1981espace_unified_gateway_u1911n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2021-37094
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:06
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-20
Improper Input Validation
CVE-2014-8572
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AC6605 with software V200R001C00; AC6605 with software V200R002C00; ACU with software V200R001C00; ACU with software V200R002C00; S2300, S3300, S2700, S3700 with software V100R006C05 and earlier versions; S5300, S5700, S6300, S6700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions; S7700, S9300, S9300E, S9700 with software V100R006, V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions could allow remote attackers to send a special SSH packet to the VRP device to cause a denial of service.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ac6605s6300s7700_firmwareacus2300s5700s6300_firmwares7700s6700_firmwares5700_firmwares9700_firmwares9300es6700s9700s_series_firmwares5300_firmwareac6605_firmwares9300_firmwares9300e_firmwares9300acu_firmwares3300s5300s3700s2700AC6605,AC6605,ACU,S2300, S3300,S2700, S3700,S5300, S5700,S6300, S6700,S7700, S9300,S9300E, S9700, AC6605 AC6605 V200R001C00, AC6605 V200R002C00,ACU ACU V200R001C00, ACU V200R002C00,S2300, S3300, V100R006C05 and earlier versions,S2700, S3700,S5300, S5700, V100R006,?S6300, S6700 V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions,S7700, S9300, V100R006,S9300E, S9700 V200R001, V200R002, V200R003, V200R005C00SPC300 and earlier versions,
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7844
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-fusionaccessFusionAccess V100R005C10,V100R005C20
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22491
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.39%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:25
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22381
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-02 Aug, 2021 | 16:39
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause an infinite loop in DoS.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2021-22357
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 19:30
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s12700s5700_firmwares6700_firmwares12700_firmwares7700_firmwares5700s6700s7700S12700;S5700;S6700;S7700
CWE ID-CWE-20
Improper Input Validation
CVE-2015-2245
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.54%
||
7 Day CHG~0.00%
Published-27 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Ascend P7 allows remote attackers to cause a denial of service (phone process crash).

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p7-l09_firmwarep7-l09n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8147
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.45%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar3200ac6605s1700_firmwares6300s7700_firmwares2300s12700_firmwares7700s6700_firmwares5700_firmwarecloudengine_7800s9700_firmwarecloudengine_12800_firmwares2700_firmwarecloudengine_6800_firmwarecloudengine_5800cloudengine_12800ac6605_firmwares9300_firmwareac6005cloudengine_8800ar1200_firmwarear200e600_firmwares2300_firmwarecloudengine_8800_firmwarear200_firmwares12700cloudengine_7800_firmwarear1200s5700s6300_firmwarear3200_firmwarecloudengine_5800_firmwaresecospace_usg6600_firmwaresecospace_usg6600s6700s9700s5300_firmwaree600ac6005_firmwares1700s9300cloudengine_6800s5300s2700AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8167
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device. Successful exploit of the vulnerability could cause the device to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500usg9500_firmwareUSG9500
CWE ID-CWE-20
Improper Input Validation
CVE-2020-1828
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.28%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 19:49
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an input validation vulnerability where the IPSec module does not validate a field in a specific message. Attackers can send specific message to cause out-of-bound read, compromising normal service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600USG9500
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5266
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.75%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 17:49
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-p30_firmwarep30Share function P30
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5285
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.24%
||
7 Day CHG~0.00%
Published-04 Jun, 2019 | 18:47
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-s5300s9700s9300xs7900s1700_firmwares2700s7700_firmwares600-es2300s6300_firmwares7700s1700s12700s5700_firmwares9300x_firmwares6700_firmwares2300_firmwares7900_firmwares12700_firmwares9700_firmwares600-e_firmwares5300_firmwares9300_firmwares9300s5700s6300s6700s2700_firmwareS12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19415
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:58
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200espace_u1930te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sespace_u1911ar120-ssoftco_firmwarear510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811dp300_firmwarear200-s_firmwareespace_u1910softcosvn5600ar160_firmwarevp9660_firmwareusg9520_firmwareespace_u1960netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300espace_u1980srg2300_firmwarete40srg3300_firmwareespace_u1910_firmwareespace_u1930_firmwaresmc2.0_firmwarear1200-s_firmwareusg9500te50espace_u1911_firmwarerse6500nip6600espace_u1981_firmwarenip6800_firmwareespace_u1981ar160espace_u1980_firmwarenip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150smc2.0ngfw_module_firmwarear1200_firmwarear200espace_u1960_firmwarear3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareSoftCoeSpace U1960NGFW ModuleSMC2.0TP3206USG9500ViewPoint 9030eSpace U1911TE50SRG1300TE40AR2200-SVP9660eSpace U1980SVN5800AR160NIP6300SVN5600NetEngine16EXAR1200AR150AR2200IPS ModuleViewPoint 8660AR150-SNIP6600TE30NIP6800Secospace USG6600USG9520RSE6500eSpace U1910DP300eSpace U1981USG9560TE60AR120-SAR510Secospace USG6300SRG2300SRG3300AR3200AR1200-SSVN5800-CSeMG9811AR3600eSpace U1930AR200Secospace USG6500AR200-S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17156
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory access, which may further lead to system exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwarenip6300ips_modulesecospace_usg6500usg9500_firmwareips_module_firmwaresecospace_usg6600_firmwaresecospace_usg6300nip6300_firmwarengfw_module_firmwareusg9500nip6600ngfw_modulenip6600_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS,Module,NGFW,Module,NIP6300,NIP6600,Secospace,USG6300,Secospace,USG6500,Secospace,USG6600,USG9500
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17283
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 42.44%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have an out-of-bound read vulnerability. A remote attacker send specially crafted Session Initiation Protocol (SIP) messages to the affected products. Due to insufficient input validation, successful exploit will cause some services abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredp300rp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareDP300,RP200,TE30,TE40,TE50,TE60
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17258
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.80%
||
7 Day CHG~0.00%
Published-24 Apr, 2018 | 15:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sar120-sar510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811usg6000vdp300_firmwarear200-s_firmwaretp3106_firmwaresvn5600ar160_firmwareusg6000v_firmwarevp9660_firmwareusg9520_firmwareusg9580netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300srg3300_firmwaresrg2300_firmwarete40ar1200-s_firmwareusg9500te50rse6500nip6600usg9580_firmwarenip6800_firmwaretp3106ar160nip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150ngfw_module_firmwarear1200_firmwarear200ar3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareAR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR3600, AR510, DP300, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, NetEngine16EX, RSE6500, SRG1300, SRG2300, SRG3300, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace USG6300, Secospace USG6500, Secospace USG6600, TE30, TE40, TE50, TE60, TP3106, TP3206, USG6000V, USG9500, USG9520, USG9560, USG9580, VP9660, ViewPoint 8660, ViewPoint 9030
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19416
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:55
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200espace_u1930te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sespace_u1911ar120-ssoftco_firmwarear510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811dp300_firmwarear200-s_firmwareespace_u1910softcosvn5600ar160_firmwarevp9660_firmwareusg9520_firmwareespace_u1960netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300espace_u1980srg2300_firmwarete40srg3300_firmwareespace_u1910_firmwareespace_u1930_firmwaresmc2.0_firmwarear1200-s_firmwareusg9500te50espace_u1911_firmwarerse6500nip6600espace_u1981_firmwarenip6800_firmwareespace_u1981ar160espace_u1980_firmwarenip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150smc2.0ngfw_module_firmwarear1200_firmwarear200espace_u1960_firmwarear3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareSoftCoeSpace U1960NGFW ModuleSMC2.0TP3206USG9500ViewPoint 9030eSpace U1911TE50SRG1300TE40AR2200-SVP9660eSpace U1980SVN5800AR160NIP6300SVN5600NetEngine16EXAR1200AR150AR2200IPS ModuleViewPoint 8660AR150-SNIP6600TE30NIP6800Secospace USG6600USG9520RSE6500eSpace U1910DP300eSpace U1981USG9560TE60AR120-SAR510Secospace USG6300SRG2300SRG3300AR3200AR1200-SSVN5800-CSeMG9811AR3600eSpace U1930AR200Secospace USG6500AR200-S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17312
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.56%
||
7 Day CHG~0.00%
Published-21 Aug, 2018 | 13:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted packets to the affected device to exploit these vulnerabilities. Successful exploit the vulnerability could lead to device deny of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg5150bsrusg5120bsr_firmwareusg5120bsrusg2205bsr_firmwareusg2205bsrusg5150bsr_firmwareusg2220bsrusg2220bsr_firmwareUSG2205BSR; USG2220BSR; USG5120BSR; USG5150BSR
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17153
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a memory leak vulnerability due to memory release failure resulted from insufficient input validation. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwarenip6300ips_modulesecospace_usg6500usg9500_firmwareips_module_firmwaresecospace_usg6600_firmwaresecospace_usg6300nip6300_firmwarengfw_module_firmwareusg9500nip6600ngfw_modulenip6600_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS,Module,NGFW,Module,NIP6300,NIP6600,Secospace,USG6300,Secospace,USG6500,Secospace,USG6600,USG9500
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-17157
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory access, which may further lead to system exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwarenip6300ips_modulesecospace_usg6500usg9500_firmwareips_module_firmwaresecospace_usg6600_firmwaresecospace_usg6300nip6300_firmwarengfw_module_firmwareusg9500nip6600ngfw_modulenip6600_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS,Module,NGFW,Module,NIP6300,NIP6600,Secospace,USG6300,Secospace,USG6500,Secospace,USG6600,USG9500
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17154
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a DoS vulnerability due to insufficient input validation. An attacker could exploit it to cause unauthorized memory access, which may further lead to system exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwarenip6300ips_modulesecospace_usg6500usg9500_firmwareips_module_firmwaresecospace_usg6600_firmwaresecospace_usg6300nip6300_firmwarengfw_module_firmwareusg9500nip6600ngfw_modulenip6600_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS,Module,NGFW,Module,NIP6300,NIP6600,Secospace,USG6300,Secospace,USG6500,Secospace,USG6600,USG9500
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17315
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.63%
||
7 Day CHG~0.00%
Published-24 May, 2018 | 14:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredp300rp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareDP300; RP200; TE30; TE40; TE50; TE60
CWE ID-CWE-20
Improper Input Validation
CVE-2017-15324
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.60%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-s6700_firmwares6700s5700s5700_firmwareS7700S2700S1700S9700S6700S12700S5700
CWE ID-CWE-20
Improper Input Validation
CVE-2017-15348
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.10%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwarenip6300ips_moduleusg9500_firmwaresecospace_usg6500ips_module_firmwaresecospace_usg6600_firmwaresecospace_usg6300nip6300_firmwarengfw_module_firmwareusg9500nip6600ngfw_modulenip6600_firmwaresecospace_usg6600secospace_usg6300_firmwareIPS Module,NGFW Module,NIP6300,NIP6600,Secospace USG6300,Secospace USG6500,Secospace USG6600,USG9500,
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17300
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.12%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-s12700s5700_firmwares6700_firmwares9700s12700_firmwares9700_firmwares7700_firmwares5700s6700s7700S12700,S5700,S6700,S7700,S9700
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19417
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.26%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 16:53
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareusg9560_firmwareviewpoint_9030ips_modulear3200_firmwarear2200espace_u1930te60viewpoint_8660_firmwaresrg3300nip6300_firmwarete30netengine16exar120-s_firmwareusg9560svn5800-c_firmwarengfw_moduledp300ar200-sespace_u1911ar120-ssoftco_firmwarear510usg9520ar150-ssemg9811_firmwarete60_firmwaresrg2300secospace_usg6500_firmwaresvn5800ar150_firmwareips_module_firmwaresecospace_usg6600_firmwarear3600ar3200semg9811dp300_firmwarear200-s_firmwareespace_u1910softcosvn5600ar160_firmwarevp9660_firmwareusg9520_firmwareespace_u1960netengine16ex_firmwaresecospace_usg6600viewpoint_9030_firmwarear1200te30_firmwarevp9660srg1300srg1300_firmwaresecospace_usg6300espace_u1980srg2300_firmwarete40srg3300_firmwareespace_u1910_firmwareespace_u1930_firmwaresmc2.0_firmwarear1200-s_firmwareusg9500te50espace_u1911_firmwarerse6500nip6600espace_u1981_firmwarenip6800_firmwareespace_u1981ar160espace_u1980_firmwarenip6300secospace_usg6500usg9500_firmwaresvn5800_firmwarear2200-stp3206tp3206_firmwaresvn5600_firmwarear510_firmwarear150-s_firmwarear1200-sar150smc2.0ngfw_module_firmwarear1200_firmwarear200espace_u1960_firmwarear3600_firmwarear2200-s_firmwarenip6800te40_firmwarerse6500_firmwareviewpoint_8660ar200_firmwarenip6600_firmwaresvn5800-cte50_firmwaresecospace_usg6300_firmwareSoftCoeSpace U1960NGFW ModuleSMC2.0TP3206USG9500ViewPoint 9030eSpace U1911TE50SRG1300TE40AR2200-SVP9660eSpace U1980SVN5800AR160NIP6300SVN5600NetEngine16EXAR1200AR150AR2200IPS ModuleViewPoint 8660AR150-SNIP6600TE30NIP6800Secospace USG6600USG9520RSE6500eSpace U1910DP300eSpace U1981USG9560TE60AR120-SAR510Secospace USG6300SRG2300SRG3300AR3200AR1200-SSVN5800-CSeMG9811AR3600eSpace U1930AR200Secospace USG6500AR200-S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8278
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.18%
||
7 Day CHG~0.00%
Published-03 Oct, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service (device restart) via an unspecified URL.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-usg9520usg9560usg9580n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8796
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.60%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei USG9520 V300R001C01, USG9560 V300R001C01, and USG9580 V300R001C01 allow unauthenticated attackers to send abnormal DHCP request packets to the affected products to trigger a DoS condition.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-usg9580usg9520usg9560_firmwareusg9560usg9520_firmwareusg9580_firmwareUSG9520,USG9560,USG9580, USG9520 V300R001C01,USG9560 V300R001C01,USG9580 V300R001C01
CWE ID-CWE-20
Improper Input Validation
CVE-2016-3678
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-11 Apr, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5300s9300_firmwares7700_firmwares5700s9700s5700_firmwares5300_firmwares7700s9700_firmwares9300n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3913
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-08 Jun, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s5720his5700si_firmwares7700_firmwares2300s2750ei_firmwares12700_firmwares5300ei_firmwares7700s5700hi_firmwares5300hi_firmwares5720hi_firmwares9700_firmwares6700ei_firmwares2700_firmwares5700his9300_firmwares5300lis2350ei_firmwares5700li_firmwares3300s5700ei_firmwares5300li_firmwares3700s2300_firmwares2750eis5700eis3300_firmwares12700s5710his6300eis6300ei_firmwares2350eis9700s5700sis5300eis5300sis6700eis5700lis5710hi_firmwares9300s5300si_firmwares3700_firmwares5300his2700n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17299
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.80%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00S, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, IPS Module V500R001C30, NIP6300 V500R001C30, NetEngine16EX V200R006C10, V200R007C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker may send crafted IKE V2 messages to the affected products. Due to the insufficient validation of the messages, successful exploit will cause invalid memory access and result in a denial of service on the affected products.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwareips_modulear1200ar3200_firmwarear2200nip6300_firmwarenetengine16exar120-s_firmwarear1200-s_firmwarear200-sar120-sar510ar150-sar160ar150_firmwarear2200-snip6300ips_module_firmwarear510_firmwarear150-s_firmwarear1200-sar3600ar150ar3200ar1200_firmwarear200-s_firmwarear200ar3600_firmwarear160_firmwarear2200-s_firmwarear200_firmwarenetengine16ex_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,IPS Module,NIP6300,NetEngine16EX
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17308
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 45.22%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 17:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredp300rp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareDP300, RP200, TE30, TE40, TE50, TE60
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17311
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.56%
||
7 Day CHG~0.00%
Published-21 Aug, 2018 | 13:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted packets to the affected device to exploit these vulnerabilities. Successful exploit the vulnerability could lead to device deny of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg5150bsrusg5120bsr_firmwareusg5120bsrusg2205bsr_firmwareusg2205bsrusg5150bsr_firmwareusg2220bsrusg2220bsr_firmwareUSG2205BSR; USG2220BSR; USG5120BSR; USG5150BSR
CWE ID-CWE-20
Improper Input Validation
CVE-2017-17219
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.15% / 36.63%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 17:00
Updated-05 Aug, 2024 | 20:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredp300rp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareDP300; RP200; TE30; TE40; TE50; TE60
CWE ID-CWE-20
Improper Input Validation
CVE-2016-8786
Matching Score-10
Assigner-Huawei Technologies
ShareView Details
Matching Score-10
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.67%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 21:00
Updated-06 Aug, 2024 | 02:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-s12700s5700_firmwares6700_firmwares9700s12700_firmwares9700_firmwares7700_firmwares5700s6700s7700S12700, S5700, S6700, S7700, S9700
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5368
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.12%
||
7 Day CHG~0.00%
Published-30 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar3200ar3200_firmwaren/a
CVE-2018-7920
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.73%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the socket resource of management interface, leading to a DoS condition.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwarear200ar1200ar160_firmwarear3200_firmwarear2200ar3200ar200_firmwarear1200_firmwarear160AR1200, AR160, AR200, AR2200, AR3200
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-7994
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-31 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-nip6600nip6300ips_modulesecospace_usg6600ngfw_modulenip6800usg9500NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6600; USG9500
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2015-8231
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-11 Jan, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-espace_7950espace_7910n/a
CVE-2015-8087
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-0.22% / 44.50%
||
7 Day CHG~0.00%
Published-19 Nov, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability."

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ne40e-m2ne_router_softwarene40e-mne20e-sne40ene80en/a
CVE-2015-8672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 44.97%
||
7 Day CHG~0.00%
Published-12 Jan, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-te30te50te40te60te60_firmwaren/a
CVE-2015-8676
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-14 Apr, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-s2300s7700_firmwares2350eis3300s9700s5300lis5300si_firmwares6300eis5300li_firmwares3300_firmwares5300sis9300_firmwares5300eis6300ei_firmwares2350ei_firmwares2300_firmwares5310his5300ei_firmwares7700s5310hi_firmwares9700_firmwares9300n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-37027
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.15%
||
7 Day CHG~0.00%
Published-25 Feb, 2022 | 18:11
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CVE-2021-37078
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.73%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2021-37117
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIEMUIHarmony OS
CVE-2021-37043
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.37%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:02
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 31
  • 32
  • Next
Details not found