First published: Tue Jun 04 2019(Updated: )
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
Huawei Ar1200 Firmware | =v200r007c00 | |
Huawei Ar1200 Firmware | =v200r008c20 | |
Huawei Ar1200 Firmware | =v200r008c50 | |
Huawei Ar1200 Firmware | =v200r009c00 | |
Huawei Ar1200 Firmware | =v200r010c00 | |
Huawei Ar1200e | ||
Huawei Ar1220c | ||
Huawei Ar1220ev | ||
Huawei Ar1220evw | ||
Huawei Ar1200-s Firmware | =v200r007c00 | |
Huawei Ar1200-s Firmware | =v200r008c20 | |
Huawei Ar1200-s Firmware | =v200r008c50 | |
Huawei Ar1200-s Firmware | =v200r009c00 | |
Huawei Ar1200-s Firmware | =v200r010c00 | |
Huawei Ar1220f-s | ||
Huawei Ar150 Firmware | =v200r007c00 | |
Huawei Ar150 Firmware | =v200r008c20 | |
Huawei Ar150 Firmware | =v200r008c50 | |
Huawei Ar150 Firmware | =v200r009c00 | |
Huawei Ar150 Firmware | =v200r010c00 | |
Huawei Ar158evw | ||
Huawei Ar160 Firmware | =v200r007c00 | |
Huawei Ar160 Firmware | =v200r008c20 | |
Huawei Ar160 Firmware | =v200r008c50 | |
Huawei Ar160 Firmware | =v200r009c00 | |
Huawei Ar160 Firmware | =v200r010c00 | |
Huawei Ar161 | ||
Huawei Ar161ew | ||
Huawei Ar161f | ||
Huawei Ar161f-dgp | ||
Huawei Ar161fg-l | ||
Huawei Ar161fgw-l | ||
Huawei Ar161fv-1p | ||
Huawei Ar161fw | ||
Huawei Ar161g-l | ||
Huawei Ar161w | ||
Huawei Ar168f | ||
Huawei Ar168f-4p | ||
Huawei Ar169 | ||
Huawei Ar169egw-l | ||
Huawei Ar169ew | ||
Huawei Ar169f | ||
Huawei Ar169fgw-l | ||
Huawei Ar169fvw | ||
Huawei Ar169fvw-8s | ||
Huawei Ar169g-l | ||
Huawei Ar169jfvw-2s | ||
Huawei Ar169w | ||
Huawei Ar200 Firmware | =v200r007c00 | |
Huawei Ar200 Firmware | =v200r008c20 | |
Huawei Ar200 Firmware | =v200r008c50 | |
Huawei Ar200 Firmware | =v200r009c00 | |
Huawei Ar200 Firmware | =v200r010c00 | |
Huawei Ar201 | ||
Huawei Ar2200 Firmware | =v200r007c00 | |
Huawei Ar2200 Firmware | =v200r008c20 | |
Huawei Ar2200 Firmware | =v200r008c50 | |
Huawei Ar2200 Firmware | =v200r009c00 | |
Huawei Ar2200 Firmware | =v200r010c00 | |
Huawei Ar2204-27ge | ||
Huawei Ar2204-27ge-p | ||
Huawei Ar2204-51ge-p | ||
Huawei Ar2204e | ||
Huawei Ar2204xe | ||
Huawei Ar2220e | ||
Huawei Ar2240 | ||
Huawei Ar2240c | ||
Huawei Ar2200s Firmware | =v200r007c00 | |
Huawei Ar2200s Firmware | =v200r008c20 | |
Huawei Ar2200s Firmware | =v200r008c50 | |
Huawei Ar2200s Firmware | =v200r009c00 | |
Huawei Ar2200s Firmware | =v200r010c00 | |
Huawei Ar2200s | ||
Huawei Ar3200 Firmware | =v200r007c00 | |
Huawei Ar3200 Firmware | =v200r008c20 | |
Huawei Ar3200 Firmware | =v200r008c50 | |
Huawei Ar3200 Firmware | =v200r009c00 | |
Huawei Ar3200 Firmware | =v200r010c00 | |
Huawei Ar3260 | ||
Huawei Srg1300 Firmware | =v200r007c00 | |
Huawei Srg1300 Firmware | =v200r008c50 | |
Huawei Srg1300 Firmware | =v200r009c00 | |
Huawei Srg1300 Firmware | =v200r010c00 | |
Huawei Srg1320vw | ||
Huawei Srg2300 Firmware | =v200r007c00 | |
Huawei Srg2300 Firmware | =v200r008c50 | |
Huawei Srg2300 Firmware | =v200r009c00 | |
Huawei Srg2300 Firmware | =v200r010c00 | |
Huawei Srg2320e | ||
Huawei Srg3300 Firmware | =v200r007c00 | |
Huawei Srg3300 Firmware | =v200r008c50 | |
Huawei Srg3300 Firmware | =v200r009c00 | |
Huawei Srg3300 Firmware | =v200r010c00 | |
Huawei Srg3340 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.