Vulnerabilities > CVE-2017-17152 - Out-of-bounds Write vulnerability in Huawei products

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

huawei

CWE-787

NVD

Published: 2018-02-15

Updated: 2018-02-26

Summary

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds write vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory write, which may further lead to system exceptions.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei IPS Module Firmware V500R001C00 Huawei IPS Module Firmware V500R001C00Spc200 Huawei IPS Module Firmware V500R001C00Spc300 Huawei IPS Module Firmware V500R001C00Spc500 Huawei IPS Module Firmware V500R001C00Sph303 Huawei IPS Module Firmware V500R001C00Sph508 Huawei IPS Module Firmware V500R001C20 Huawei IPS Module Firmware V500R001C20Spc100 Huawei IPS Module Firmware V500R001C20Spc100Pwe Huawei IPS Module Firmware V500R001C20Spc200 Huawei IPS Module Firmware V500R001C20Spc200B062 Huawei IPS Module Firmware V500R001C20Spc200Pwe Huawei IPS Module Firmware V500R001C20Spc300B078 Huawei IPS Module Firmware V500R001C20Spc300Pwe Huawei Ngfw Module Firmware V500R001C00 Huawei Ngfw Module Firmware V500R001C00Spc200 Huawei Ngfw Module Firmware V500R001C00Spc300 Huawei Ngfw Module Firmware V500R001C00Spc500 Huawei Ngfw Module Firmware V500R001C00Spc500Pwe Huawei Ngfw Module Firmware V500R001C00Sph303 Huawei Ngfw Module Firmware V500R001C00Sph508 Huawei Ngfw Module Firmware V500R001C20 Huawei Ngfw Module Firmware V500R001C20Spc100 Huawei Ngfw Module Firmware V500R001C20Spc100Pwe Huawei Ngfw Module Firmware V500R001C20Spc200 Huawei Ngfw Module Firmware V500R001C20Spc200B062 Huawei Ngfw Module Firmware V500R001C20Spc200Pwe Huawei Ngfw Module Firmware V500R001C20Spc300B078 Huawei Ngfw Module Firmware V500R001C20Spc300Pwe Huawei Nip6300 Firmware V500R001C00 Huawei Nip6300 Firmware V500R001C00Spc200 Huawei Nip6300 Firmware V500R001C00Spc300 Huawei Nip6300 Firmware V500R001C00Spc500 Huawei Nip6300 Firmware V500R001C00Sph303 Huawei Nip6300 Firmware V500R001C00Sph508 Huawei Nip6300 Firmware V500R001C20 Huawei Nip6300 Firmware V500R001C20Spc100 Huawei Nip6300 Firmware V500R001C20Spc100Pwe Huawei Nip6300 Firmware V500R001C20Spc200 Huawei Nip6300 Firmware V500R001C20Spc200B062 Huawei Nip6300 Firmware V500R001C20Spc200Pwe Huawei Nip6300 Firmware V500R001C20Spc300B078 Huawei Nip6300 Firmware V500R001C20Spc300Pwe Huawei Nip6600 Firmware V500R001C00 Huawei Nip6600 Firmware V500R001C00Spc200 Huawei Nip6600 Firmware V500R001C00Spc300 Huawei Nip6600 Firmware V500R001C00Spc500 Huawei Nip6600 Firmware V500R001C00Sph303 Huawei Nip6600 Firmware V500R001C00Sph508 Huawei Nip6600 Firmware V500R001C20 Huawei Nip6600 Firmware V500R001C20Spc100 Huawei Nip6600 Firmware V500R001C20Spc100Pwe Huawei Nip6600 Firmware V500R001C20Spc200 Huawei Nip6600 Firmware V500R001C20Spc200B062 Huawei Nip6600 Firmware V500R001C20Spc200Pwe Huawei Nip6600 Firmware V500R001C20Spc300B078 Huawei Secospace Usg6300 Firmware V500R001C00 Huawei Secospace Usg6300 Firmware V500R001C00Spc200 Huawei Secospace Usg6300 Firmware V500R001C00Spc300 Huawei Secospace Usg6300 Firmware V500R001C00Spc500 Huawei Secospace Usg6300 Firmware V500R001C00Spc500Pwe Huawei Secospace Usg6300 Firmware V500R001C00Sph303 Huawei Secospace Usg6300 Firmware V500R001C00Sph508 Huawei Secospace Usg6300 Firmware V500R001C20 Huawei Secospace Usg6300 Firmware V500R001C20Spc100 Huawei Secospace Usg6300 Firmware V500R001C20Spc100Pwe Huawei Secospace Usg6300 Firmware V500R001C20Spc101 Huawei Secospace Usg6300 Firmware V500R001C20Spc200 Huawei Secospace Usg6300 Firmware V500R001C20Spc200B062 Huawei Secospace Usg6300 Firmware V500R001C20Spc200Pwe Huawei Secospace Usg6300 Firmware V500R001C20Spc300B078 Huawei Secospace Usg6300 Firmware V500R001C20Spc300Pwe Huawei Secospace Usg6500 Firmware V500R001C00 Huawei Secospace Usg6500 Firmware V500R001C00Spc200 Huawei Secospace Usg6500 Firmware V500R001C00Spc300 Huawei Secospace Usg6500 Firmware V500R001C00Spc500 Huawei Secospace Usg6500 Firmware V500R001C00Spc500Pwe Huawei Secospace Usg6500 Firmware V500R001C00Sph303 Huawei Secospace Usg6500 Firmware V500R001C00Sph508 Huawei Secospace Usg6500 Firmware V500R001C20 Huawei Secospace Usg6500 Firmware V500R001C20Spc100 Huawei Secospace Usg6500 Firmware V500R001C20Spc100Pwe Huawei Secospace Usg6500 Firmware V500R001C20Spc101 Huawei Secospace Usg6500 Firmware V500R001C20Spc200 Huawei Secospace Usg6500 Firmware V500R001C20Spc200B062 Huawei Secospace Usg6500 Firmware V500R001C20Spc200Pwe Huawei Secospace Usg6500 Firmware V500R001C20Spc300B078 Huawei Secospace Usg6500 Firmware V500R001C20Spc300Pwe Huawei Secospace Usg6600 Firmware V500R001C00 Huawei Secospace Usg6600 Firmware V500R001C00Spc100 Huawei Secospace Usg6600 Firmware V500R001C00Spc200 Huawei Secospace Usg6600 Firmware V500R001C00Spc300 Huawei Secospace Usg6600 Firmware V500R001C00Spc301 Huawei Secospace Usg6600 Firmware V500R001C00Spc500 Huawei Secospace Usg6600 Firmware V500R001C00Spc500Pwe Huawei Secospace Usg6600 Firmware V500R001C00Sph303 Huawei Secospace Usg6600 Firmware V500R001C20 Huawei Secospace Usg6600 Firmware V500R001C20Spc100 Huawei Secospace Usg6600 Firmware V500R001C20Spc100Pwe Huawei Secospace Usg6600 Firmware V500R001C20Spc101 Huawei Secospace Usg6600 Firmware V500R001C20Spc200 Huawei Secospace Usg6600 Firmware V500R001C20Spc200Pwe Huawei Secospace Usg6600 Firmware V500R001C20Spc300 Huawei Secospace Usg6600 Firmware V500R001C20Spc300B078 Huawei Secospace Usg6600 Firmware V500R001C20Spc300Pwe Huawei Usg9500 Firmware V500R001C00 Huawei Usg9500 Firmware V500R001C00Spc200 Huawei Usg9500 Firmware V500R001C00Spc300 Huawei Usg9500 Firmware V500R001C00Spc303 Huawei Usg9500 Firmware V500R001C00Spc500 Huawei Usg9500 Firmware V500R001C00Spc500Pwe Huawei Usg9500 Firmware V500R001C00Sph303 Huawei Usg9500 Firmware V500R001C00Sph508 Huawei Usg9500 Firmware V500R001C20 Huawei Usg9500 Firmware V500R001C20Spc100 Huawei Usg9500 Firmware V500R001C20Spc100Pwe Huawei Usg9500 Firmware V500R001C20Spc101 Huawei Usg9500 Firmware V500R001C20Spc200 Huawei Usg9500 Firmware V500R001C20Spc200B062 Huawei Usg9500 Firmware V500R001C20Spc200Pwe Huawei Usg9500 Firmware V500R001C20Spc300B078 Huawei Usg9500 Firmware V500R001C20Spc300Pwe	122
Hardware	Huawei Huawei IPS Module - Huawei Ngfw Module - Huawei Nip6300 - Huawei Nip6600 - Huawei Secospace Usg6300 - Huawei Secospace Usg6500 - Huawei Secospace Usg6600 - Huawei Usg9500 -	8

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en