Buffer Overflow in Huawei Videoconference Devices
CVE-2016-5234

8.1HIGH

Key Information:

Vendor: Huawei
Status: Rse6500 Firmware
Vendor: CVE Published:; 13 June 2016

What is CVE-2016-5234?

Huawei's VP9660, VP9650, and VP9630 multipoint control units, along with RSE6500 videoconference devices, are susceptible to a buffer overflow vulnerability when an unspecified service is enabled. This flaw allows remote attackers to execute arbitrary code by sending specially crafted packets, potentially compromising the integrity and security of the affected devices.

References

http://www.securityfocus.com/bid/90978

vdb-entryx_refsource_BID

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 13, 2016
Vulnerability Reserved
Jun 1, 2016