CVE-2017-15315
Description
Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in patch module of Huawei NIP6300, NIP6600, Secospace USG6300, USG6500 allows authenticated attacker to cause device reset by repeatedly executing special commands.
Vulnerability
The patch module of Huawei NIP6300, NIP6600, Secospace USG6300, and Secospace USG6500 contains a memory leak vulnerability. Affected versions are V500R001C20SPC100 and V500R001C20SPC200. The vulnerability is triggered when an authenticated attacker executes special commands repeatedly, leading to memory exhaustion [1].
Exploitation
An attacker must have authenticated access to the device. By executing special commands many times, the attacker causes a memory leak in the patch module. No user interaction or additional privileges beyond authentication are required [1].
Impact
Successful exploitation results in memory exhaustion, causing the device to reset. This leads to a denial of service (availability impact). No confidentiality or integrity impact is described in the available references [1].
Mitigation
Huawei has released software updates to fix this vulnerability. Users should upgrade to V500R001C30SPC100 or the appropriate PWE version as listed in the advisory. No workarounds are documented. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5- Range: = V500R001C20SPC100, V500R001C20SPC200
- Range: = V500R001C20SPC100, V500R001C20SPC200
- Huawei Technologies Co., Ltd./NIP6300,NIP6600,Secospace USG6300,Secospace USG6500v5Range: NIP6300 V500R001C20SPC100, V500R001C20SPC200,NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.