What is CVE-2019-5294?

CVE-2019-5294 is a high-severity vulnerability in Huawei Ar1200, classified under Out-of-bounds Read. CVSS score: 7.5/10. Published 2019-11-13.

How severe is CVE-2019-5294?

High severity. CVSS v3 base score is 7.5 out of 10.

Out-of-bounds Read in Huawei Ar1200

CVE-2019-5294

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successfu…

Vulnerability class: Buffer Overflow

EPSS: 0.009 (55.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Huawei Ar1200
Huawei Ar1200_firmware — versions v200r005c20, v200r006c10, v200r007c00
Huawei Ar1200-s
Huawei Ar1200-s_firmware — versions v200r005c20, v200r006c10, v200r007c00
Huawei Ar120-s
Huawei Ar120-s_firmware — versions v200r005c20, v200r006c10, v200r007c00
Huawei Ar150
Huawei Ar150_firmware — versions v200r005c20, v200r006c10, v200r007c00
Huawei Ar150-s
Huawei Ar150-s_firmware — versions v200r005c20, v200r006c10, v200r007c00

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

psirt@huawei.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-5294?: CVE-2019-5294 is a high-severity vulnerability in Huawei Ar1200, classified under Out-of-bounds Read. CVSS score: 7.5/10. Published 2019-11-13.
How severe is CVE-2019-5294?: High severity. CVSS v3 base score is 7.5 out of 10.