VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 15, 2018· Updated Aug 5, 2024

CVE-2017-17162

CVE-2017-17162

Description

Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300 have a memory leak vulnerability due to memory don't be released when an local authenticated attacker execute special commands many times. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Memory leak in Huawei Secospace USG6600 and USG9500 firewalls allows local authenticated attacker to cause system exceptions via repeated command execution.

Vulnerability

A memory leak vulnerability exists in Huawei Secospace USG6600 V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC300 and USG9500 V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC300 firewalls. When a local authenticated attacker executes special commands many times, memory is not released, leading to memory exhaustion.

Exploitation

An attacker must have local authenticated access to the device. By repeatedly executing specific commands, the attacker triggers the memory leak, gradually consuming available memory.

Impact

Successful exploitation causes a memory leak, which may further lead to system exceptions, affecting device stability and availability (denial of service).

Mitigation

Huawei has released software updates: for USG6600 and USG9500, upgrade to V500R001C30SPC600 + V500R001SPH012 or V500R001C60SPC300 + V500R001SPH012. The advisory was published on December 13, 2017 [1].

References
  1. Security Advisory - Memory Leak Vulnerability in Some Huawei FireWall Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • Huawei/Secospace USG6600llm-fuzzy
    Range: V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC300
  • Huawei/USG9500llm-fuzzy
    Range: V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC300
  • Huawei Technologies Co., Ltd./Secospace USG6600, Secospace USG6600, Secospace USG6600, USG9500, USG9500, USG9500v5
    Range: Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.