Unauthorized Access Vulnerability in Huawei Campus Network Equipment
CVE-2014-4707

8.8HIGH

Key Information:

Vendor

Huawei
Status
S7700,s9300,s9700 S7700 V200r001c00spc300, V200r002c00spc100, V200r003c00spc300,s9300 V200r001c00spc300, V200r002c00spc100, V200r003c00spc300,s9700 V200r001c00spc300, V200r002c00spc100, V200r003c00spc300,
Vendor
CVE Published:
2 April 2017

What is CVE-2014-4707?

Huawei Campus network equipment, including models S7700, S9300, and S9700, are susceptible to an unauthorized access vulnerability that permits malicious users to upgrade bootrom or bootload software. This flaw enables attackers to bypass critical menu protection mechanisms, conduct menu compromise attacks, or circumvent upgrade protection features, potentially compromising the integrity and functionality of the network devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, S7700,S9300,S9700 S7700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9300 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,S9700 V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300,

References

http://www.huawei.com/en/psirt/security-advisories/hw-334629
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.