CVE-2019-5294

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.5HIGH
EPSS
0.6%
top 30.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
16
Huawei Ar120-s FirmwareHuawei Ar1200-s FirmwareHuawei Ar1200 Firmware+13 more
Timeline
PublishedNov 13
Latest updateMay 24

Description

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages16 packages

NVDhuawei/ar150_firmwarev200r005c20, v200r006c10, v200r007c00+2
NVDhuawei/ar160_firmwarev200r005c20, v200r006c10, v200r007c00+2
NVDhuawei/ar200_firmwarev200r005c20, v200r006c10, v200r007c00+2
NVDhuawei/ar1200_firmwarev200r005c20, v200r006c10, v200r007c00+2
NVDhuawei/ar2200_firmwarev200r005c20, v200r006c10, v200r007c00+2

🔴Vulnerability Details

2
GHSA
GHSA-m558-43vf-cc6f: There is an out of bound read vulnerability in some Huawei products2022-05-24
CVEList
CVE-2019-5294: There is an out of bound read vulnerability in some Huawei products2019-11-13
CVE-2019-5294 (HIGH CVSS 7.5) | There is an out of bound read vulne | cvebase.io