Unrated severityNVD Advisory· Published Feb 15, 2018· Updated Aug 5, 2024

CVE-2017-17163

Description

Huawei Secospace USG6600 V500R001C30SPC100 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by executing some commands. The attacker can exploit this vulnerability to cause a denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authenticated local attacker can trigger a denial of service via an out-of-bounds memory access on Huawei Secospace USG6600 by executing specific commands.

Vulnerability

Huawei Secospace USG6600 firmware version V500R001C30SPC100 contains an out-of-bounds memory access vulnerability due to insufficient verification [1]. This flaw exists in the handling of certain commands, allowing an authenticated local attacker to trigger a crash [1].

Exploitation

The attacker must have local authenticated access to the device [1]. By executing a series of commands that leverage the insufficient verification, the attacker can cause an out-of-bounds memory access, leading to a processing crash [1]. No user interaction beyond initial authentication is required [1].

Impact

Successful exploitation results in a denial of service (DoS) due to a crash of the affected process [1]. The impact is limited to availability; no implications for confidentiality or integrity have been disclosed in the available references [1].

Mitigation

Huawei released a software update that resolves this vulnerability: upgrade to V500R001C60SPC300 plus the patch V500R001SPH012 [1]. No workarounds have been provided in the advisory. The product is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.

References

Security Advisory - Out-of-Bounds Memory Access Vulnerability on Some Huawei FireWall Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Huawei/Secospace USG6600llm-fuzzy
Range: V500R001C30SPC100
Huawei Technologies Co., Ltd./Secospace USG6600v5
Range: V500R001C30SPC100

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-firewall-enmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000