VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 30, 2018· Updated Aug 5, 2024

CVE-2017-17314

CVE-2017-17314

Description

Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Huawei video conferencing products have an invalid memory access vulnerability due to insufficient input validation of SCCP messages, allowing buffer errors and service disruption.

Vulnerability

An invalid memory access vulnerability exists in Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10/V500R002C00/V600R006C00, TE40 V500R002C00/V600R006C00, TE50 V500R002C00/V600R006C00, and TE60 V100R001C10/V500R002C00/V600R006C00. The bug resides in insufficient input validation of values in SCCP messages, leading to buffer errors [1].

Exploitation

An unauthenticated attacker must send malformed SCCP messages to the affected products. The lack of proper input validation triggers an invalid memory access, causing buffer errors and abnormal service behavior [1].

Impact

Successful exploitation causes buffer errors, leading to abnormal operation of services. The impact is primarily denial of service; no information disclosure or code execution is mentioned in the reference [1].

Mitigation

Huawei has released software updates to fix this vulnerability. Affected versions have resolved versions: DP300 V500R002C00SPCb00, RP200 TEX0[1] V600R006C00SPC500, TE30 upgrade to TEX0[1] V600R006C00SPC500, TE40, TE50, TE60 similarly upgraded. See the advisory for full details [1]. No workarounds are provided.

References
  1. Security Advisory - Invalid Memory Access Vulnerability in Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10, V500R002C00, V600R006C00
  • Huawei/DP300llm-fuzzy
    Range: V500R002C00
  • Huawei/RP200llm-fuzzy
    Range: V600R006C00
  • Huawei Technologies Co., Ltd./DP300, RP200, TE30, TE40, TE50, TE60v5
    Range: DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.