Improper certificate verification in Huawei 7900 IP Phones



Published: 2019-07-29
Risk: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: CVE-2019-5280
CWE-ID: CWE-295
Exploitation vector: Local network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerable software:
CloudLink Phone 7900
Hardware solutions / Office equipment, IP-phones, print servers

Vendor Huawei

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper Certificate Validation

EUVDB-ID: #VU19551

Risk: Low

CVSSv3.1: 2.8 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-5280

CWE-ID: CWE-295 - Improper Certificate Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause affected phones to register abnormally.

The vulnerability exists due to insufficient verification of specific parameters of the TLS server certificate. A remote attacker can perform man-in-the-middle attacks. This causes the affected phones to register abnormally and affects the availability of the IP phones.
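
The "specific parameters" a TLS client must verify on the server certificate, beyond the chain signature, are the validity window and the server identity (the DNS subjectAltName, with RFC 6125 wildcard rules). The following is an added example, not code from Huawei or from the advisory: it models the certificate in the dict shape Python's ssl.SSLSocket.getpeercert() returns, using a constructed sample certificate and constructed hostnames, and shows the client-side context settings under which the standard library performs these checks itself.

```python
import ssl
from typing import List, Optional
# Constructed sample in the dict shape ssl.SSLSocket.getpeercert() returns
# (only populated when the context's verify_mode is not CERT_NONE).
SAMPLE_CERT = {
    "subject": ((("commonName", "sip.example.test"),),),
    "subjectAltName": (("DNS", "sip.example.test"), ("DNS", "*.voice.example.test")),
    "notBefore": "Jan  1 00:00:00 2019 GMT",
    "notAfter": "Dec 31 23:59:59 2020 GMT",
}

def _dns_id_matches(pattern: str, host: str) -> bool:
    """Match one DNS SAN against a hostname. '*' is honoured only as the entire
    leftmost label (RFC 6125 s6.4.3), so '*.voice.example.test' does not
    cover 'a.b.voice.example.test' or 'voice.example.test'."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if "*" not in p:
        return p == h
    p_labels, h_labels = p.split("."), h.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]

def check_server_cert(cert: dict, expected_host: str, now: float) -> List[str]:
    """Per-certificate checks the server cert fails at Unix time `now` (empty =
    OK). Chain and signature validation are assumed done already; these are the
    parameters a client can wrongly skip even when the chain is trusted."""
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    # Identity: only DNS SANs count; a matching CN is not a substitute.
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not dns_names:
        problems.append("no DNS subjectAltName")
    elif not any(_dns_id_matches(n, expected_host) for n in dns_names):
        problems.append(f"hostname {expected_host!r} not in SAN {dns_names}")
    return problems

def registration_client_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Client context a phone should use towards its registration server; the
    standard library then performs the checks above itself. `cafile` is the
    deployment's CA bundle (assumed path); None falls back to system roots."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.verify_mode = ssl.CERT_REQUIRED   # never CERT_NONE
    ctx.check_hostname = True             # identity check, not just chain check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx
```

In a real client the context does the work; check_server_cert only makes visible which parameters a hand-rolled verifier must not omit.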


Mitigation

Install updates from vendor's website.

Vulnerable software versions

CloudLink Phone 7900: V600R019C10

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190724-01-7900-en


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.


