FKIE_CVE-2019-5300
Vulnerability from fkie_nvd - Published: 2019-06-04 19:29 - Updated: 2024-11-21 04:44
Severity ?
Summary
There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "C623D44E-463B-49A3-81F8-AD219E035B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "75E27982-56E6-4A6F-9124-34C7420FDDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB8B580-EF85-44FE-A7A1-455CD5A7BF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3202830A-D5CF-411F-B94A-167576919F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8F6BA3-E2C0-410D-A5E5-6E95545E5467",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC75BE34-DC7C-45F3-8F19-F703EF4D5982",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220ev:-:*:*:*:*:*:*:*",
"matchCriteriaId": "141A9CA7-59A5-4BA4-A7A7-C876A4426C00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar1220evw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14DAC925-7F20-45B9-B753-B7F0EEE3C7F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "DF226F5B-7BF8-4475-8C0C-91E2E43C6E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE54D66-BE3A-492D-B381-4E63880D8088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BF5574-175F-4438-A1D1-0EAA8280388B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1220f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B043BAD-75CD-4D7B-BA3C-118519B64A39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "6B64AE02-D345-4628-A086-7C63C255707C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB058D-C4EB-416F-ACD3-B6ACC2BD83AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "411499D2-DD34-4131-8310-0CCC351D28F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A87F4819-180D-488B-B8D8-C10B5076F9AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar158evw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37D521BD-2D68-494F-ADF3-CA836A9860FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A685289C-08B1-43D4-9970-84A7FC75E54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "2D609298-9ACE-4726-AD04-6765D8F2C374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A07BC16A-C102-4B21-BF61-C7AE1452BA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "75124BF8-A5FC-46BB-83CF-0C2B7CF92F1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar161:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A206CEBA-27BF-4F73-9E16-DEC0B305BB9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161ew:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABF308C-9C4F-4C1E-ADD6-969CDF656BE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE33C6C9-87F8-42DC-89B1-7C3F5CDFE32E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161f-dgp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B19316A6-DDB7-4181-9373-30DDF532E203",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fg-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4917007C-227B-4F1D-AA58-76487A00DF87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fgw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB72AFF6-A296-497D-83D4-5C700FE9D635",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fv-1p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AD4730-5311-4477-8E10-421BE84912F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161fw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E39599B-F0F7-4BB8-9E02-91D470995EF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161g-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F89646-40DE-499F-9588-4FC7C13D1CCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar161w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EF0D65-C352-495A-8DD5-78AC66E8480C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar168f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0124D47-B343-45AD-A06F-9A186A499F84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar168f-4p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663A08C1-0F99-4050-A6DA-0081827283C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2734E4-B511-4C70-9B5F-8DA0A9963E26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169egw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCACD162-8331-47CF-9F77-F71221565AFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169ew:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAA155B-34BF-4F75-924D-FAB6601FCD46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58721B8C-8A6F-4889-B3D1-6433AB485E40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fgw-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA425686-6C6C-4ADB-AC8A-D7FE924E340E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fvw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81601B04-7FC6-4776-9EBC-3C825DA1B7F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169fvw-8s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1772765A-EE39-4AC0-A6BA-B79AC5D93A8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169g-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B739B694-237A-4AF2-8A0E-63F902DFB656",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169jfvw-2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD1519-AF5F-460F-90D6-4FF9CB7CD9EB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar169w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70E1AE34-BEDD-437A-B1F0-606AF4409893",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "344D64D1-A9B3-4BFA-ACF3-B421ED427A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ED9DF8-A444-4684-932D-12B4B2F98736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C06FB07B-D74B-42A8-9CE7-CD3FC7217F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0924BB8D-A8A8-4F0F-9CE7-198B399E0685",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF8E24FB-1DD4-4DD8-8221-129C30C65E45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A7DDB3-4A2B-46A5-B952-F0FECF88373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC27CC-EE60-46DE-91CE-6C83AF1F7B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5658BAA0-3FCC-4DCB-BDD1-42D00263B29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "158BF3D7-0195-4E73-A8A9-4536216C3CD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2204-27ge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CACBBC-327A-40A6-9DD1-49335B296238",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204-27ge-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9079BB36-E42F-49D6-94D2-D9650A4C3E5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204-51ge-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E128F1C9-577C-4F4A-B98B-AB268F703DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A614397B-C24D-4D69-B84A-05FBBC6AFC23",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2204xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67725998-BDD7-4624-8A9F-6CC594293B14",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2220e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC3FEDF-D877-400A-AE16-7EA1C82E042E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD5CAC3-80C9-484D-B715-55FEC0543554",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:huawei:ar2240c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C570769A-B882-4AB9-A6AC-381020A6BCA1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "86D6EF09-27A6-493B-BDC6-D6C3AA7DB825",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "59E43441-15B2-4EE0-AB87-6004BA6DD6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "078ED368-3950-49D1-BC31-523B83165EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A2639415-69D4-44E5-BDB5-28B3E09117A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar2200s_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7032EF-10C2-4E24-96F7-DEC39F7A1363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BC03A9-BBAE-4712-AC58-0338EB572EBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D0F6C6-5A87-482B-8B2A-693AC7736CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70804-3A07-4C82-806B-5F5CA075ABF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73E5EE31-3D31-4C59-B2C1-B0BCF3294D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5BCC5C-CDFB-4B52-8E2D-E85BEC28FD2A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3898C07-F3A3-4C40-95EE-C2F524C5EB31",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D578E607-CF83-4121-8AF9-EF1DBE5FE42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "65DEB87D-8F28-4AC6-9ADC-E13146011102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B68CB9B0-C32C-4EC5-81D0-ED23DB6D8EC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1320vw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98B6177-EFAF-493E-B02B-AE6095A1452F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "D672376C-4256-4CFB-A515-56E31A6706AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E8486420-C7CA-4296-A9B8-E4DDC1A23530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB2C78B-0736-4AA2-A283-AD4441D7EBEA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2320e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93EAE9D3-6A9E-4E4F-9550-79EB303A5A83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r008c50:*:*:*:*:*:*:*",
"matchCriteriaId": "43BAC724-4E88-4E3B-9F95-8086D68CADA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10511D02-503D-43AD-8306-FA1E9A52B8C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A05A3FA6-0B32-40A2-BCCE-4395B3DCB2DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA1C39E-E679-4EF4-8BF4-D1B46DD614E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de omisi\u00f3n de verificaci\u00f3n de firma digital en los routers Huawei AR1200, AR1200-S, AR150, AR160, AR20000, AR2200-S, AR3200, SRG1300, SRG2300 y SRG3300. La vulnerabilidad se debe a que el software afectado verifica incorrectamente las firmas digitales de la imagen del software en el dispositivo afectado. Un atacante local con alto privilegio puede aprovechar la vulnerabilidad para omitir las comprobaciones de integridad de las im\u00e1genes de software e instalar una imagen de software malintencionado en el dispositivo afectado."
}
],
"id": "CVE-2019-5300",
"lastModified": "2024-11-21T04:44:42.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T19:29:00.633",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…