VYPR
← All advisories
High severity7.5NVD Advisory· Published Dec 22, 2017· Updated May 13, 2026

CVE-2017-15318

CVE-2017-15318

Description

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Out-of-bounds read in Huawei RP200, TE30, TE40, TE50, TE60 via crafted SS7 packets can crash the system.

Vulnerability

RP200 (V500R002C00, V600R006C00), TE30 (V100R001C10, V500R002C00, V600R006C00), TE40 (V500R002C00, V600R006C00), TE50 (V500R002C00, V600R006C00), and TE60 (V100R001C10, V500R002C00, V600R006C00) contain an out-of-bounds read vulnerability due to insufficient input validation of SS7 related packets [1]. A remote attacker can send specially crafted SS7 packets to trigger the flaw [1].

Exploitation

The attacker requires network access to send malicious SS7 packets to the target device; no authentication is needed [1]. The vulnerability is triggered by sending a specially crafted SS7 packet, which is processed without proper bounds checking, causing the system to read memory beyond an allocated buffer [1].

Impact

Successful exploitation results in an out-of-bounds read, which can cause the system to crash, leading to a denial of service [1]. The CIA impact is primarily availability loss, though out-of-bounds reads may also expose sensitive memory contents [1].

Mitigation

Huawei has released software updates: upgrade RP200 to TEX0 V600R006C00SPC400, TE30 to V600R006C00SPC400, TE40 to V600R006C00SPC400, TE50 to V600R006C00SPC400, and TE60 to V600R006C00SPC400 [1]. The advisory was published 2017-11-01 [1]. No workaround is documented; applying the patch is the only mitigation [1].

References
  1. Security Advisory - Three Out-of-bounds Read Vulnerabilities in Some Huawei Products

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

8
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10, V500R002C00, V600R006C00
  • Huawei/Te40llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei/RP200llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei Technologies Co., Ltd./RP200v5
    Range: V500R002C00
  • Huawei Technologies Co., Ltd./TE30v5
    Range: V100R001C10
  • Huawei Technologies Co., Ltd./TE40v5
    Range: V500R002C00
  • Huawei Technologies Co., Ltd./TE50v5
    Range: V500R002C00
  • Huawei Technologies Co., Ltd./TE60v5
    Range: V100R001C10

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.