Improper Certificate Validation in CloudLink Phone 7900

#VU19551 Improper Certificate Validation in CloudLink Phone 7900

Published: 2019-07-29 | Updated: 2019-07-29

Vulnerability identifier: #VU19551

Vulnerability risk: Low

CVSSv3.1: 2.8 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-5280

CWE-ID: CWE-295

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
CloudLink Phone 7900
Hardware solutions / Office equipment, IP-phones, print servers

Vendor: Huawei

Description

The vulnerability allows a remote attacker to cause affected phones registered abnormally.

The vulnerability exists due to the insufficient verification of specific parameters of the TLS server certificate. A remote attacker can perform man-in-the-middle attacks. This leads to the affected phones registered abnormally, affects the availability of IP phones.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

CloudLink Phone 7900: V600R019C10

External links
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190724-01-7900-en

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Improper certifiacte verification in Huawei 7900 IP Phones