CVE-2017-17308
CVE-2017-17308
In short
Huawei videoconference devices (DP300, RP200, TE30/40/50/60) have a flaw where they don't properly check incoming network packets, allowing an attacker to send malicious data that crashes or disrupts services without needing a password.
Technical detail
The SCCPX module in multiple Huawei endpoints contains an invalid memory access vulnerability triggered by insufficient packet validation. An unauthenticated remote attacker can craft and send specially formed packets to trigger memory access violations, resulting in denial of service or service degradation.
Summary generated and translated by AI from the official description.
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
Affected products
Huawei Technologies Co., Ltd. · DP300, RP200, TE30, TE40, TE50, TE60Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →