VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 9, 2018· Updated Aug 5, 2024

CVE-2017-17220

CVE-2017-17220

Description

SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An unauthenticated remote attacker can cause a denial of service via invalid memory access in Huawei SCCPX module, affecting multiple products.

Vulnerability

An invalid memory access vulnerability exists in the SCCPX module of several Huawei products, including DP300 V500R002C00, RP200 V500R002C00 and V600R006C00, TE30 V100R001C10, V500R002C00, and V600R006C00, TE40 V500R002C00 and V600R006C00, TE50 V500R002C00 and V600R006C00, and TE60 V100R001C10, V500R002C00, and V600R006C00. The vulnerability is triggered when the module insufficiently validates crafted packets, leading to an invalid memory access.

Exploitation

An unauthenticated, remote attacker can exploit this vulnerability by sending specially crafted malformed packets containing a specific parameter to the affected products. No authentication or user interaction is required; the attack is network-based.

Impact

Successful exploitation results in a denial of service, impacting the availability of the product's service. No other CIA impacts (confidentiality or integrity) have been identified.

Mitigation

Huawei has released software updates to fix these vulnerabilities. Affected users should apply the latest firmware versions as indicated in the security advisory [1]. No workarounds are provided; upgrading is the only mitigation.

References
  1. Security Advisory - Three Vulnerabilities in SCCPX Module of Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10; V500R002C00; V600R006C00
  • Huawei/DP300llm-fuzzy
    Range: V500R002C00
  • Huawei/RP200llm-fuzzy
    Range: V500R002C00; V600R006C00
  • Huawei Technologies Co., Ltd./DP300; RP200; TE30; TE40; TE50; TE60v5
    Range: DP300 V500R002C00

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.