Unrated severityNVD Advisory· Published Dec 13, 2019· Updated Aug 4, 2024

CVE-2019-5258

Description

Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow vulnerability in multiple Huawei products allows authenticated attackers to cause board abnormality via crafted messages.

Vulnerability

A buffer overflow vulnerability exists in certain Huawei products, including AP2000, IPS Module, NGFW Module, NIP6300, NIP6600, NIP6800, S5700, SVN5600, SVN5800, SVN5800-C, SeMG9811, Secospace AntiDDoS8000, Secospace USG6300, Secospace USG6500, Secospace USG6600, USG6000V, and eSpace U1981. The vulnerability is due to insufficient validation of inter-process message packets, allowing a crafted message to trigger a buffer overflow. [1]

Exploitation

An attacker must first log in to the affected board. The attacker can then send crafted messages from the internal network port or tamper with inter-process message packets to exploit the vulnerability. No additional privileges or user interaction beyond login is required. [1]

Impact

Successful exploitation causes the affected board to become abnormal, potentially resulting in a denial of service or disruption of normal operations. The exact impact depends on the affected product and the nature of the crafted message. [1]

Mitigation

Huawei has released security updates to fix this vulnerability. Customers are advised to upgrade to the fixed versions as specified in the security advisory (huawei-sa-20191211-01-ssp). The advisory was last updated on 2020-08-12. [1]

References

Security Advisory - Multiple Vulnerabilities in Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Huawei/productsdescription
Huawei/NIP6800llm-create
WatchGuard/AP200llm-fuzzy
Huawei/IPS Modulellm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-ssp-enmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000