CVE-2019-5300

Published: Jun 4, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device.

Vendor	Product	Versions
Huawei	AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300, SRG3300	affected `AR1200 V200R008C50` affected `AR1200 V200R009C00` affected `AR1200 V200R010C00` affected `AR1200-S V200R007C00` affected `AR1200-S V200R008C20` +12 more versions

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190320-01-ar-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-5300

Description

Affected Products

References