CVE-2017-17137
Description
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An out-of-bounds memory access vulnerability in Huawei's PEM module allows an authenticated local attacker to cause a denial of service via a malicious certificate.
Vulnerability
An out-of-bounds memory access vulnerability exists in the PEM (Privacy-Enhanced Mail) certificate decoding module of multiple Huawei products. The affected versions include DP300 V500R002C00; IPS Module V500R001C00, V500R001C30; NGFW Module V500R001C00, V500R002C00; NIP6300 V500R001C00, V500R001C30; NIP6600 V500R001C00, V500R001C30; RP200 V500R002C00, V600R006C00; S12700 V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00; S1700 V200R006C10, V200R009C00, V200R010C00; S2700 V200R006C10, V200R007C00, V200R008C00, V200R009C00, V200R010C00; S5700 V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00; S6700 V200R008C00, V200R009C00, V200R010C00; S7700 V200R007C00, V200R008C00, V200R009C00, V200R010C00; S9700 V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00; Secospace USG6300 V500R001C00, V500R001C30; Secospace USG6500 V500R001C00, V500R001C30; Secospace USG6600 V500R001C00, V500R001C30S; TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00, V100R002C10; USG9500 V500R001C00, V500R001C30; ViewPoint 9030 V100R011C02, V100R011C03. The flaw is due to insufficient verification of input, leading to an out-of-bounds memory access when the PEM decoder processes a specially crafted malicious certificate [1].
Exploitation
An authenticated local attacker can exploit this vulnerability by providing a malicious certificate to the PEM module. The attacker does not need network access but requires local system authentication. The sequence involves crafting a certificate that triggers an out-of-bounds read or write during PEM parsing, which causes the processing to crash [1].
Impact
Successful exploitation leads to a denial of service (DoS) by crashing the PEM processing. The impact is limited to availability, as the attacker does not gain code execution or data access. The crash may affect the service relying on certificate parsing [1].
Mitigation
Huawei has released security advisories for this vulnerability. The advisory (huawei-sa-20171206-01-pem) was initially published on 2017-12-06 and updated on 2018-04-18. Customers should refer to the Huawei PSIRT advisory and apply the recommended updates or patches for their specific product versions. No workarounds are provided in the references [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: V500R001C00; V500R001C30
- Range: V500R001C00; V500R002C00
- Huawei Technologies Co., Ltd./DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030v5Range: DP300 V500R002C00
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.