Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU23898
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5304
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition.
The vulnerability exists due to insufficient input validation of some parameters in the messages. A remote attacker can send a specific MPLS Echo Request message, trigger memory corruption and reset the device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsHuawei AR120-S: V200R006C10 - V200R008C50
Huawei AR1200: V200R003C01 - V200R008C50
Huawei AR1200-S: V200R003C01 - V200R008C50
Huawei AR150: V200R003C01 - V200R008C50
Huawei AR150-S: V200R003C01 - V200R008C50
Huawei AR160: V200R005C20 - V200R008C50
Huawei AR200: V200R003C01 - V200R008C50
Huawei AR200-S: V200R003C01 - V200R008C50
Huawei AR2200: V200R003C01 - V200R008C50
Huawei AR2200-S: V200R003C01 - V200R008C50
Huawei AR3200: V200R003C01 - V200R008C50
Huawei AR3600: V200R006C10 - V200R008C50
Huawei IPS Module: V500R001C20 - V500R001C30
Huawei NGFW Module: V500R001C20 - V500R002C00
Huawei NIP6300: V500R001C20 - V500R001C30
Huawei NIP6600: V500R001C20 - V500R001C30
Huawei NetEngine16EX: V200R005C20 - V200R008C50
Huawei S5700: V200R005C00 - V200R011C00
Huawei S6700: V200R005C00 - V200R011C00
Huawei SRG1300: V200R003C01 - V200R008C50
Huawei SRG2300: V200R003C01 - V200R008C50
Huawei SRG3300: V200R003C01 - V200R008C50
Huawei Secospace AntiDDoS8000: V500R001C20 - V500R005C00
Huawei Secospace USG6300: V500R001C20 - V500R001C30
Huawei Secospace USG6500: V500R001C20 - V500R001C30
Huawei Secospace USG6600: V500R001C20 - V500R001C30
External linkshttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.