CVE-2014-4190

Severity: Unknown | EPSS: 1.50%

Last modified

CVE-2014-4190 is a vulnerability of currently unknown severity. Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. EPSS estimates a 1.50% chance of exploitation in the next 30 days.

Description

Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.

Metrics

EPSS Probability
1.50%

70.9th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Huawei | Campus Series Switch Software | v200r001
Huawei | Campus Lsw S9700 | All versions
Huawei | Campus S3300hi | All versions
Huawei | Campus S3700hi | All versions
Huawei | Campus S5300 | All versions
Huawei | Campus S5700 | All versions
Huawei | Campus S6300 | All versions
Huawei | Campus S6700 | All versions
Huawei | Campus S7700 | All versions
Huawei | Campus S9300 | All versions
Huawei | Campus Series Switch Software | v200r005
Huawei | Campus S9300e | All versions
Huawei | Campus Series Switch Software | v200r003
Huawei | Campus S2350 | All versions
Huawei | Campus S2750 | All versions
Huawei | Campus Series Switch Software | v200r002

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2014-4190?
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet.
How severe is CVE-2014-4190?
Severity scoring for CVE-2014-4190 is pending analysis. The EPSS model estimates a 1.50% probability of exploitation in the next 30 days.
How do I fix CVE-2014-4190?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.


Source: NVD / NIST