Vulnerabilities > CVE-2014-9693 - Data Processing Errors vulnerability in Huawei products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

huawei

CWE-19

NVD

Published: 2017-04-02

Updated: 2017-04-05

Summary

Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier versions, Tecal RH5885 V3 V100R003C01SPC102 and earlier versions, Tecal RH5885H V3 V100R003C00SPC102 and earlier versions, Tecal XH310 V2 V100R001C00SPC110 and earlier versions, Tecal XH311 V2 V100R001C00SPC110 and earlier versions, Tecal XH320 V2 V100R001C00SPC110 and earlier versions, Tecal XH621 V2 V100R001C00SPC106 and earlier versions, Tecal DH310 V2 V100R001C00SPC110 and earlier versions, Tecal DH320 V2 V100R001C00SPC106 and earlier versions, Tecal DH620 V2 V100R001C00SPC106 and earlier versions, Tecal DH621 V2 V100R001C00SPC107 and earlier versions, Tecal DH628 V2 V100R001C00SPC107 and earlier versions, Tecal BH620 V2 V100R002C00SPC107 and earlier versions, Tecal BH621 V2 V100R002C00SPC106 and earlier versions, Tecal BH622 V2 V100R002C00SPC110 and earlier versions, Tecal BH640 V2 V100R002C00SPC108 and earlier versions, Tecal CH121 V100R001C00SPC180 and earlier versions, Tecal CH140 V100R001C00SPC110 and earlier versions, Tecal CH220 V100R001C00SPC180 and earlier versions, Tecal CH221 V100R001C00SPC180 and earlier versions, Tecal CH222 V100R002C00SPC180 and earlier versions, Tecal CH240 V100R001C00SPC180 and earlier versions, Tecal CH242 V100R001C00SPC180 and earlier versions, Tecal CH242 V3 V100R001C00SPC110 and earlier versions could allow attackers to execute arbitrary code or restart the system via crafted DNS packets.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei Tecal Rh1288 V2 Firmware - Huawei Tecal Rh1288 V2 Firmware V100R002C00Spc107 Huawei Tecal Rh2265 V2 Firmware V100R002C00 Huawei Tecal Rh2285 V2 Firmware - Huawei Tecal Rh2285 V2 Firmware V100R002C00Spc115 Huawei Tecal Rh2285H V2 Firmware - Huawei Tecal Rh2285H V2 Firmware V100R002C00Spc111 Huawei Tecal Rh2268 V2 Firmware V100R002C00 Huawei Tecal Rh2288 V2 Firmware - Huawei Tecal Rh2288 V2 Firmware V100R002C00Spc117 Huawei Tecal Rh2288H V2 Firmware - Huawei Tecal Rh2288H V2 Firmware V100R002C00Spc115 Huawei Tecal Rh2485 V2 Firmware - Huawei Tecal Rh2485 V2 Firmware V100R002C00Spc502 Huawei Tecal Rh5885 V2 Firmware - Huawei Tecal Rh5885 V2 Firmware V100R001C02Spc109 Huawei Tecal Rh5885 V3 Firmware - Huawei Tecal Rh5885 V3 Firmware V100R003C01Spc102 Huawei Tecal Rh5885H V3 Firmware - Huawei Tecal Rh5885H V3 Firmware V100R003C00Spc102 Huawei Tecal Xh310 V2 Firmware - Huawei Tecal Xh310 V2 Firmware V100R001C00Spc110 Huawei Tecal Xh311 V2 Firmware - Huawei Tecal Xh311 V2 Firmware V100R001C00Spc110 Huawei Tecal Xh320 V2 Firmware - Huawei Tecal Xh320 V2 Firmware V100R001C00Spc110 Huawei Tecal Xh621 V2 Firmware - Huawei Tecal Xh621 V2 Firmware V100R001C00Spc106 Huawei Tecal Dh310 V2 Firmware - Huawei Tecal Dh310 V2 Firmware V100R001C00Spc110 Huawei Tecal Dh320 V2 Firmware - Huawei Tecal Dh320 V2 Firmware V100R001C00Spc106 Huawei Tecal Dh620 V2 Firmware - Huawei Tecal Dh620 V2 Firmware V100R001C00Spc106 Huawei Tecal Dh621 V2 Firmware - Huawei Tecal Dh621 V2 Firmware V100R001C00Spc107 Huawei Tecal Dh628 V2 Firmware - Huawei Tecal Dh628 V2 Firmware V100R001C00Spc107 Huawei Tecal Bh620 V2 Firmware - Huawei Tecal Bh620 V2 Firmware V100R002C00Spc107 Huawei Tecal Bh621 V2 Firmware - Huawei Tecal Bh621 V2 Firmware V100R002C00Spc106 Huawei Tecal Bh622 V2 Firmware - Huawei Tecal Bh622 V2 Firmware V100R002C00Spc110 Huawei Tecal Bh640 V2 Firmware - Huawei Tecal Bh640 V2 Firmware V100R002C00Spc108 Huawei Tecal Ch121 Firmware - Huawei Tecal Ch121 Firmware V100R001C00Spc180 Huawei Tecal Ch140 Firmware - Huawei Tecal Ch140 Firmware V100R001C00Spc110 Huawei Tecal Ch220 Firmware - Huawei Tecal Ch220 Firmware V100R001C00Spc180 Huawei Tecal Ch221 Firmware - Huawei Tecal Ch221 Firmware V100R001C00Spc180 Huawei Tecal Ch222 Firmware - Huawei Tecal Ch222 Firmware V100R002C00Spc180 Huawei Tecal Ch240 Firmware - Huawei Tecal Ch240 Firmware V100R001C00Spc180 Huawei Tecal Ch242 Firmware - Huawei Tecal Ch242 Firmware V100R001C00Spc180 Huawei Tecal Ch242 V3 Firmware - Huawei Tecal Ch242 V3 Firmware V100R001C00Spc110	62
Hardware	Huawei Huawei Tecal Rh1288 V2 - Huawei Tecal Rh2265 V2 - Huawei Tecal Rh2285 V2 - Huawei Tecal Rh2285H V2 - Huawei Tecal Rh2268 V2 - Huawei Tecal Rh2288 V2 - Huawei Tecal Rh2288H V2 - Huawei Tecal Rh2485 V2 - Huawei Tecal Rh5885 V2 - Huawei Tecal Rh5885 V3 - Huawei Tecal Rh5885H V3 - Huawei Tecal Xh310 V2 - Huawei Tecal Xh311 V2 - Huawei Tecal Xh320 V2 - Huawei Tecal Xh621 V2 - Huawei Tecal Dh310 V2 - Huawei Tecal Dh320 V2 - Huawei Tecal Dh620 V2 - Huawei Tecal Dh621 V2 - Huawei Tecal Dh628 V2 - Huawei Tecal Bh620 V2 - Huawei Tecal Bh621 V2 - Huawei Tecal Bh622 V2 - Huawei Tecal Bh640 V2 - Huawei Tecal Ch121 - Huawei Tecal Ch140 - Huawei Tecal Ch220 - Huawei Tecal Ch221 - Huawei Tecal Ch222 - Huawei Tecal Ch240 - Huawei Tecal Ch242 - Huawei Tecal Ch242 V3 -	32

Common Weakness Enumeration (CWE)

CWE-19 - Data Processing Errors

Common Attack Pattern Enumeration and Classification (CAPEC)

Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
XML Nested Payloads
Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By nesting XML data and causing this data to be continuously self-referential, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization. An attacker's goal is to leverage parser failure to his or her advantage. In most cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it may be possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.230.1].
XML Oversized Payloads
Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an attacker can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization, and potentially cause execution of arbitrary code. An attacker's goal is to leverage parser failure to his or her advantage. In many cases this type of an attack will result in a denial of service due to an application becoming unstable, freezing, or crash. However it is possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1].
XML Client-Side Attack
Client applications such as web browsers that process HTML data often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.484.1]
XML Parser Attack
Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an attacker to inject data that may have an adverse effect on the XML parser when it is being processed. These adverse effects may include the parser crashing, consuming too much of a resource, executing too slowly, executing code supplied by an attacker, allowing usage of unintended system functionality, etc. An attacker's goal is to leverage parser failure to his or her advantage. In some cases it may be possible to jump from the data plane to the control plane via bad data being passed to an XML parser. [R.99.1]

References

http://www.huawei.com/en/psirt/security-advisories/hw-408100