VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 9, 2018· Updated Aug 5, 2024

CVE-2017-17200

CVE-2017-17200

Description

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An out-of-bounds read vulnerability in multiple Huawei products due to improper processing of malformed H323 messages can cause denial of service.

Vulnerability

An out-of-bounds read vulnerability exists in the H323 message processing of several Huawei products: DP300 V500R002C00; RP200 V500R002C00 and V600R006C00; TE30 V100R001C10, V500R002C00, and V600R006C00; TE40 V500R002C00 and V600R006C00; TE50 V500R002C00 and V600R006C00; TE60 V100R001C10, V500R002C00, and V600R006C00. The flaw is triggered when the device processes a malformed H323 reply message from a server [1].

Exploitation

An attacker who controls a server can send a specially crafted malformed H323 reply message to a target device over the network. No authentication is required, and the attacker only needs network connectivity to the device. The device then reads out of bounds while parsing the malformed message [1].

Impact

Successful exploitation causes the device to read memory beyond the intended buffer, which can lead to a denial of service (service unavailability). There is no indication of information disclosure or code execution from this vulnerability [1].

Mitigation

Huawei has released software updates to fix this vulnerability. The resolved versions are: DP300 V500R002C00SPCb00; RP200 upgrade to TEX0[1] V600R006C00SPC400; TE30, TE40, TE50, TE60 upgrade to V600R006C00SPC400 (or later). Users should apply the updates from the Huawei support portal [1].

References
  1. Security Advisory - Two Out-of-Bounds Read Vulnerabilities in Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10; V500R002C00; V600R006C00
  • Huawei/DP300llm-fuzzy
    Range: V500R002C00
  • Huawei/RP200llm-fuzzy
    Range: V500R002C00; V600R006C00
  • Huawei Technologies Co., Ltd./DP300; RP200; TE30; TE40; TE50; TE60v5
    Range: DP300 V500R002C00

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.