CVE-2019-19416

EPSS 0.9%

The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.

Productos afectados

Huawei · AR1200 Huawei · AR1200-S Huawei · AR120-S Huawei · AR150 Huawei · AR150-S Huawei · AR160 Huawei · AR200 Huawei · AR200-S Huawei · AR2200 Huawei · AR2200-S Huawei · AR3200 Huawei · AR3600 Huawei · AR510 Huawei · DP300 Huawei · eSpace U1910 Huawei · eSpace U1911 Huawei · eSpace U1930 Huawei · eSpace U1960 Huawei · eSpace U1980 Huawei · eSpace U1981 Huawei · IPS Module Huawei · NetEngine16EX Huawei · NGFW Module Huawei · NIP6300 Huawei · NIP6600 Huawei · NIP6800 Huawei · RSE6500 Huawei · Secospace USG6300 Huawei · Secospace USG6500 Huawei · Secospace USG6600 Huawei · SeMG9811 Huawei · SMC2.0 Huawei · SoftCo Huawei · SRG1300 Huawei · SRG2300 Huawei · SRG3300 Huawei · SVN5600 Huawei · SVN5800 Huawei · SVN5800-C Huawei · TE30 Huawei · TE40 Huawei · TE50 Huawei · TE60 Huawei · TP3206 Huawei · USG9500 Huawei · USG9520 Huawei · USG9560 Huawei · ViewPoint 8660 Huawei · ViewPoint 9030 Huawei · VP9660

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en