VAR-202004-2101
Vulnerability from variot - Updated: 2024-11-23 22:37There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10. Huawei SmartAX MA5600T , MA5800 , EA5800 Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei SmartAX MA5600T is an integrated copper and copper access product that provides high-capacity, high-speed, and high-bandwidth data, voice, and video service access. SmartAX EA5800 multi-service access equipment is a smart aggregation OLT platform for enterprise customers with a distributed architecture and is positioned as the next-generation OLT for NG-PON
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-2101",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartax ea5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r018c00"
},
{
"model": "smartax ea5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r018c10"
},
{
"model": "smartax ea5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r019c10"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v800r013c10"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v800r015c00"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v800r015c10"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v800r017c00"
},
{
"model": "smartax ma5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r017c00"
},
{
"model": "smartax ma5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r017c10"
},
{
"model": "smartax ma5800",
"scope": "eq",
"trust": 1.8,
"vendor": "huawei",
"version": "v100r018c00"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v800r018c10"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v800r017c10"
},
{
"model": "smartax ma5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r019c10"
},
{
"model": "smartax ma5800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r018c10"
},
{
"model": "smartax ma5600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v800r018c00"
},
{
"model": "smartax ma5600t v800r013c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r015c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r015c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r017c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r017c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r018c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5600t v800r018c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5800 v100r017c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5800 v100r017c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5800 v100r018c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5800 v100r018c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ma5800 v100r019c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ea5800 v100r018c00",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ea5800 v100r018c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
},
{
"model": "smartax ea5800 v100r019c10",
"scope": null,
"trust": 0.6,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:huawei:smartax_ea5800_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:smartax_ma5600t_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:huawei:smartax_ma5800_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
}
]
},
"cve": "CVE-2020-9067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CVE-2020-9067",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.2,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003595",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.1,
"id": "CNVD-2020-21472",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2020-9067",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003595",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-9067",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003595",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-21472",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-061",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10. Huawei SmartAX MA5600T , MA5800 , EA5800 Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Huawei SmartAX MA5600T is an integrated copper and copper access product that provides high-capacity, high-speed, and high-bandwidth data, voice, and video service access. SmartAX EA5800 multi-service access equipment is a smart aggregation OLT platform for enterprise customers with a distributed architecture and is positioned as the next-generation OLT for NG-PON",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-9067"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNVD",
"id": "CNVD-2020-21472"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-9067",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-21472",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"id": "VAR-202004-2101",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
}
]
},
"last_update_date": "2024-11-23T22:37:24.338000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "huawei-sa-20200401-01-overflow",
"trust": 0.8,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200401-01-overflow-en"
},
{
"title": "Patch for Huawei SmartAX MA5600T, SmartAX MA5800, and SmartAX EA5800 buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/212635"
},
{
"title": "Huawei SmartAX MA5600T , SmartAX MA5800 and SmartAX EA5800 Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=113199"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200401-01-overflow-en"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9067"
},
{
"trust": 1.2,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200401-01-overflow-cn"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9067"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"date": "2020-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"date": "2020-04-02T21:15:13.927000",
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-04-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-21472"
},
{
"date": "2020-04-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003595"
},
{
"date": "2020-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-061"
},
{
"date": "2024-11-21T05:39:57.667000",
"db": "NVD",
"id": "CVE-2020-9067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Huawei Classic buffer overflow vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003595"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-061"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.