First published: Mon Mar 05 2018(Updated: )
Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The attacker can exploit this vulnerability to cause a denial of service.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Vp9660 Firmware | =v500r002c10 | |
Huawei VP9660 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-17133 is a vulnerability found in Huawei VP9660 V500R002C10 that allows an authenticated local attacker to place a malicious license file into the system, causing memory null pointer accessing and related processing crash.
CVE-2017-17133 affects Huawei VP9660 V500R002C10 with a null pointer reference vulnerability in the license module, due to insufficient verification.
The severity of CVE-2017-17133 is medium, with a CVSS severity score of 5.5.
An authenticated local attacker can exploit CVE-2017-17133 by placing a malicious license file into the system, triggering memory null pointer accessing and causing a crash in the related processing.
To fix CVE-2017-17133, users should update to a patched version of Huawei VP9660 firmware V500R002C10 or later, as recommended by the vendor.