CVE-2016-8802: Buffer Overflow
First published: Sun Apr 02 2017(Updated: )
The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Secospace USG6300 Firmware | =v500r001c20spc100 | |
| Huawei Secospace USG6300 Firmware | =v500r001c20spc101 | |
| Huawei Secospace USG6300 Firmware | =v500r001c20spc200 | |
| Huawei Secospace USG6300 firmware | ||
| Huawei Secospace USG6500 | =v500r001c20spc100 | |
| Huawei Secospace USG6500 | =v500r001c20spc101 | |
| Huawei Secospace USG6500 | =v500r001c20spc200 | |
| Huawei Secospace USG6500 firmware | ||
| Huawei Secospace USG6600 firmware | =v500r001c20spc100 | |
| Huawei Secospace USG6600 firmware | =v500r001c20spc101 | |
| Huawei Secospace USG6600 firmware | =v500r001c20spc200 | |
| Huawei Secospace USG6600 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-8802?
CVE-2016-8802 has a high severity rating due to its impact on security policy processing in the affected Huawei devices.
How do I fix CVE-2016-8802?
To fix CVE-2016-8802, you should update the firmware of Huawei Secospace USG6300, USG6500, or USG6600 to the latest available version.
Which products are affected by CVE-2016-8802?
CVE-2016-8802 affects Huawei Secospace USG6300, USG6500, and USG6600 models with specific firmware versions V500R001C20SPC100, V500R001C20SPC101, and V500R001C20SPC200.
What versions of Huawei Secospace devices are vulnerable to CVE-2016-8802?
The vulnerable versions for CVE-2016-8802 include V500R001C20SPC100, V500R001C20SPC101, and V500R001C20SPC200.
Are all devices in the Huawei Secospace USG series vulnerable to CVE-2016-8802?
Not all devices in the Huawei Secospace USG series are vulnerable, only those explicitly listed with the affected firmware versions.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei usg6300e firmware
- version/huawei usg6300e firmware/v500r001c20spc100
- version/huawei usg6300e firmware/v500r001c20spc101
- version/huawei usg6300e firmware/v500r001c20spc200
- canonical/huawei secospace usg6300 firmware
- canonical/huawei secospace usg6500
- version/huawei secospace usg6500/v500r001c20spc100
- version/huawei secospace usg6500/v500r001c20spc101
- version/huawei secospace usg6500/v500r001c20spc200
- canonical/huawei secospace usg6500 firmware
- canonical/huawei secospace usg6600 firmware
- version/huawei secospace usg6600 firmware/v500r001c20spc100
- version/huawei secospace usg6600 firmware/v500r001c20spc101
- version/huawei secospace usg6600 firmware/v500r001c20spc200